Strict Mode Permissions

Strict Mode will be a cluster-level option that must be enabled at startup, and cannot be changed while a cluster is running. When Strict Mode is turned on, the SingleStore permissions model changes in some important ways:

1. Strict Mode is irreversible: Strict Mode is enabled by setting strict-mode=true in the memsql.cnf configuration file and then restarting the server. Once this happens, Strict Mode becomes irreversible on the current cluster.

2. No WITH GRANT OPTION: In order to grant and revoke permissions, and manage roles and groups, a user must have the GRANT permission.

3. A user with the GRANT permission will not need to possess a given permission in order to grant it to others within the scoped database.

4. Under Strict Mode it is not possible to grant permissions to yourself.

5. CREATE USER required for password changes: In order to change a user’s password using GRANT … TO 'user'@'host' IDENTIFIED BY 'password', you must possess the CREATE USER permission. This prevents an admin with the GRANT permission to change the password on some user and grant them all permissions, thus effectively granting all permissions to themselves. Note that in Default Mode, to change a user’s password you need the GRANT permission. The aforementioned scenario is not an issue in Default Mode since you can only grant permissions which you possess.

6. No *.* permissions: when Strict Mode is turned on, most permissions may only be granted to a specific named database, not cluster-wide. The exceptions to this rule are: