SET SESSION AUTHORIZATION

From MariaDB 12.0, certain users can perform server actions as another user:

This is implemented through the SET SESSION AUTHORIZATION statement.
This permits everything that can be done in a stored procedure with an arbitrary definer.
In particular, this bypasses account lock, expired password, authentication, REQUIRE SSL checks, and so on.
Users are required to have the SET USER privilege.
Does not work inside transactions, the Performance Schema and stored procedures.

Examples

SELECT USER(), CURRENT_USER(), DATABASE();

+--------------------+--------------------+------------+
| user()             | current_user()     | database() |
+--------------------+--------------------+------------+
| msandbox@localhost | msandbox@localhost | test       |
+--------------------+--------------------+------------+
1 row in set (0.000 sec)

SET SESSION AUTHORIZATION foo@localhost;
SELECT USER(), CURRENT_USER(), DATABASE();

+---------------+----------------+------------+
| user()        | current_user() | database() |
+---------------+----------------+------------+
| foo@localhost | foo@%          | NULL       |
+---------------+----------------+------------+

PreviousSET PASSWORD NextSET ROLE

Last updated 26 days ago

Was this helpful?