tipocket icon indicating copy to clipboard operation
tipocket copied to clipboard
verified publisher icon pingcap

Add minimal privileges test for backup using dynamic privs

Open morgo opened this issue 4 years ago • 0 comments

What problem does this PR solve?

This reopens https://github.com/pingcap/tipocket/pull/411

I discussed it with others, and there is a limitation in ticases in that it's not possible to change the DSN and effectively test the privilege system.

This depends on https://github.com/pingcap/tidb/pull/25039 merging. If Ticases can support change user, we can migrate the test at a later point.

What is changed and how does it work?

Check List

Tests

  • E2E test

Code changes

  • Has Go code change

Side effects

  • None

Related changes

  • None

Does this PR introduce a user-facing change?:

There is no imcompatibility or change - if users want to keep allocating SUPER privilege to backup operators, they can still do that. However, we should encourage principal of least privilege to our users for security best practice. So from that perspective, there is a user-facing change that using BACKUP_ADMIN and RESTORE_ADMIN will be encouraged over SUPER.

morgo avatar Jun 07 '21 20:06 morgo