27.3.4.6. User-Defined Function Security Precautions
MySQL takes the following measures to prevent misuse of
user-defined functions.
You must have the INSERT
privilege to be
able to use CREATE FUNCTION
and the
DELETE
privilege to be able to use
DROP FUNCTION
. This is necessary because
these statements add and delete rows from the
mysql.func
table.
UDFs should have at least one symbol defined in addition to
the xxx
symbol that corresponds to the main
xxx()
function. These auxiliary symbols
correspond to the xxx_init()
,
xxx_deinit()
,
xxx_reset()
,
xxx_clear()
, and
xxx_add()
functions.
mysqld also supports an
--allow-suspicious-udfs
option that controls
whether UDFs that have only an xxx
symbol
can be loaded. By default, the option is off, to prevent
attempts at loading functions from shared object files other
than those containing legitimate UDFs. If you have older UDFs
that contain only the xxx
symbol and that
cannot be recompiled to include an auxiliary symbol, it may be
necessary to specify the
--allow-suspicious-udfs
option. Otherwise,
you should avoid enabling this capability.
UDF object files cannot be placed in arbitrary directories.
They must be located in the server's plugin directory. This
directory is given by the value of the
plugin_dir
system variable.
(Note: This a change in MySQL
5.1. For earlier versions of MySQL, the shared object can be
located in any directory that is searched by your system's
dynamic linker.)