Add documentation for SEM #5647
/lgtm
PTAL @SunRunAway
@@ -427,6 +427,17 @@ Constraint checking is always performed in place for pessimistic transactions (d | |||
- Default value: ON | |||
- This variable controls whether to record the execution information of each operator in the slow query log. | |||
|
|||
### tidb_enable_enhanced_security |
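Review bot: under the new `### tidb_enable_enhanced_security` heading, state the variable's scope and default value in the same bullet form as the entry just above it (`- Default value: ON` followed by a one-line description), and say explicitly whether the value can be changed with `SET`. For a switch that controls security restrictions, a reader should be able to tell from this entry alone whether it can be toggled at runtime.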
Is this variable readonly?
@morgo PTAL
Yes it is. Or more specifically it is `Scope: None`, which is the same as read-only.
TiDB system variables behave similar to MySQL with some differences, in that settings might apply on a SESSION, INSTANCE, or GLOBAL scope, or on a scope that combines SESSION, INSTANCE, or GLOBAL.
- Changes to GLOBAL scoped variables only apply to new connection sessions with TiDB. Currently active connection sessions are not affected. These changes are persisted and valid after restarts.
- Changes to INSTANCE scoped variables apply to all active or new connection sessions with the current TiDB instance immediately after the changes are made. Other TiDB instances are not affected. These changes are not persisted and become invalid after TiDB restarts.
The document does not mention anything about what `Scope: None` means. Could you add some explanations?
I agree with you. I will change it tomorrow to say Read Only instead.
(There are some minor differences, but they don't matter to users.)
This is improved in c8758d7, PTAL again thx :-)
[REVIEW NOTIFICATION] This pull request has been approved by:
/merge
This pull request has been accepted and is ready to merge. Commit hash: c8758d7
Follow-up: Minor wording issue
/translation done
What is changed, added or deleted? (Required)
This adds the docs for https://github.com/pingcap/tidb/blob/master/docs/design/2021-03-09-security-enhanced-mode.md
Which was merged in a series of PRs to master. The exact restrictions may evolve over time, so the wording is kept to use simple language to say "restrictions include". It is intended for use in cloud environments where the "root" privilege is considered too powerful.
Which TiDB version(s) do your changes apply to? (Required)
This only affects master.
What is the related PR or file link(s)?
pingcap/tidb#24416
pingcap/tidb#24412
pingcap/tidb#24279
pingcap/tidb#23978
Do your changes match any of the following descriptions?