Commit 9c123d0c authored by monty@mashka.mysql.fi's avatar monty@mashka.mysql.fi

Don't give the anonymous user create temp table or lock tables privileges.

SET PASSWORD=... closed connection on error.
parent 378d977d
+3 −0
@@ -50448,6 +50448,9 @@ each individual 4.0.x release.
@itemize @bullet
@item
@code{SET PASSWORD FOR ...} closed the connection in case of errors (bug
from 4.0.3).
@item
Increased max possible @code{max_allowed_packet} in @code{mysqld} to 1G.
@item
Fixed bug when doing a multi-line @code{INSERT} on a table with an
+1 −1
@@ -80,4 +80,4 @@ select count(*) from t3 where n >= 4;
count(*)
100
unlock tables;
drop table if exists t1,t2,t3;
drop table if exists t1,t2,t3,t4;
+1 −1
@@ -160,7 +160,7 @@ then
  echo ""
  echo "Updating new privileges in MySQL 4.0.2 from old ones"
  @bindir@/mysql --user=root --password="$root_password" --host="$host" mysql <<END_OF_DATA
  update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv;
  update user set show_db_priv= select_priv, super_priv=process_priv, execute_priv=process_priv, create_tmp_table_priv='Y', Lock_tables_priv='Y', Repl_slave_priv=file_priv, Repl_client_priv=file_priv where user<>"";
END_OF_DATA
  echo ""
fi
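Review bot: The rewritten `update user` statement still sets `create_tmp_table_priv='Y'` and `Lock_tables_priv='Y'` for every named account, whatever that account held before, while the neighbouring columns are copied from an existing privilege (`select_priv`, `process_priv`, `file_priv`). The new `where user<>""` only excludes anonymous rows, so a deliberately restricted account still ends up with both global privileges after the upgrade; if that is intended for backward compatibility, a comment above the statement should say so, otherwise the two columns could be derived from a privilege the account already has. The filter would also be more robust written as `where user<>''`, matching the single-quoted `'Y'` literals and not depending on double quotes being read as a string.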
+30 −28
@@ -896,7 +896,7 @@ byte *sys_var_thd_enum::value_ptr(THD *thd, enum_var_type type)

bool sys_var_thd_bit::update(THD *thd, set_var *var)
{
  bool res= (*update_func)(thd, var);
  int res= (*update_func)(thd, var);
  thd->lex.select_lex.options=thd->options;
  return res;
}
@@ -1010,7 +1010,7 @@ byte *sys_var_insert_id::value_ptr(THD *thd, enum_var_type type)

bool sys_var_slave_skip_counter::check(THD *thd, set_var *var)
{
  bool result=0;
  int result= 0;
  LOCK_ACTIVE_MI;
  pthread_mutex_lock(&active_mi->rli.run_lock);
  if (active_mi->rli.slave_running)
@@ -1236,26 +1236,24 @@ sys_var *find_sys_var(const char *str, uint length)

    RETURN VALUE
    0	ok
    1	Something got wrong (normally no variables was updated)
    1	ERROR, message sent (normally no variables was updated)
    -1  ERROR, message not sent
*/

bool sql_set_variables(THD *thd, List<set_var_base> *var_list)
int sql_set_variables(THD *thd, List<set_var_base> *var_list)
{
  bool error=0;
  int error= 0;
  List_iterator<set_var_base> it(*var_list);

  set_var_base *var;
  while ((var=it++))
  {
    if (var->check(thd))
      return 1;
    if ((error=var->check(thd)))
      return error;
  }
  it.rewind();
  while ((var=it++))
  {
    if (var->update(thd))
      error=1;
  }
    error|= var->update(thd);			// Returns 0, -1 or 1
  return error;
}

@@ -1264,14 +1262,14 @@ bool sql_set_variables(THD *thd, List<set_var_base> *var_list)
  Functions to handle SET mysql_internal_variable=const_expr
*****************************************************************************/

bool set_var::check(THD *thd)
int set_var::check(THD *thd)
{
  if (var->check_type(type))
  {
    my_error(type == OPT_GLOBAL ? ER_LOCAL_VARIABLE : ER_GLOBAL_VARIABLE,
	     MYF(0),
	     var->name);
    return 1;
    return -1;
  }
  if ((type == OPT_GLOBAL && check_global_access(thd, SUPER_ACL)))
    return 1;
@@ -1282,28 +1280,29 @@ bool set_var::check(THD *thd)
    if (var->check_default(type))
    {
      my_error(ER_NO_DEFAULT, MYF(0), var->name);
      return 1;
      return -1;
    }
    return 0;
  }

  if (value->fix_fields(thd,0))
    return 1;
    return -1;
  if (var->check_update_type(value->result_type()))
  {
    my_error(ER_WRONG_TYPE_FOR_VAR, MYF(0), var->name);
    return 1;
    return -1;
  }    
  return var->check(thd, this);
  return var->check(thd, this) ? -1 : 0;
}


bool set_var::update(THD *thd)
int set_var::update(THD *thd)
{
  int error;
  if (!value)
    var->set_default(thd, type);
  else if (var->update(thd, this))
    return 1;					// should never happen
    return -1;				// should never happen
  if (var->after_update)
    (*var->after_update)(thd, type);
  return 0;
@@ -1314,19 +1313,19 @@ bool set_var::update(THD *thd)
  Functions to handle SET @user_variable=const_expr
*****************************************************************************/

bool set_var_user::check(THD *thd)
int set_var_user::check(THD *thd)
{
  return user_var_item->fix_fields(thd,0);
  return user_var_item->fix_fields(thd,0) ? -1 : 0;
}


bool set_var_user::update(THD *thd)
int set_var_user::update(THD *thd)
{
  if (user_var_item->update())
  {
    /* Give an error if it's not given already */
    send_error(&thd->net, ER_SET_CONSTANTS_ONLY);
    return 1;
    my_error(ER_SET_CONSTANTS_ONLY, MYF(0));
    return -1;
  }
  return 0;
}
@@ -1336,16 +1335,19 @@ bool set_var_user::update(THD *thd)
  Functions to handle SET PASSWORD
*****************************************************************************/

bool set_var_password::check(THD *thd)
int set_var_password::check(THD *thd)
{
  if (!user->host.str)
    user->host.str= (char*) thd->host_or_ip;
  return check_change_password(thd, user->host.str, user->user.str);
  /* Returns 1 as the function sends error to client */
  return check_change_password(thd, user->host.str, user->user.str) ? 1 : 0;
}

bool set_var_password::update(THD *thd)
int set_var_password::update(THD *thd)
{
  return change_password(thd, user->host.str, user->user.str, password);
  /* Returns 1 as the function sends error to client */
  return (change_password(thd, user->host.str, user->user.str, password) ?
	  1 : 0);
}

/****************************************************************************
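Review bot: In `sql_set_variables`, `error|= var->update(thd);` merges the three-state codes bitwise, and `1 | -1` is `-1`, so a statement in which one `update()` returned 1 (error already sent) and another returned -1 ends up reporting "message not sent". Going by the RETURN VALUE comment in the same hunk, the caller (not visible here) would presumably then send a second error for a statement that has already been answered; the closed-connection bug named in the commit description may be of this kind. Keeping 1 sticky avoids that: `int res= var->update(thd);` followed by `if (res > 0 || !error) error= res;` inside a braced loop body. Separately, the `int error;` added at the top of `set_var::update` is never used in the lines shown (the function's closing brace is outside the hunk) and can be dropped if that holds for the rest of the body.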
+9 −9
@@ -359,8 +359,8 @@ class set_var_base :public Sql_alloc
public:
  set_var_base() {}
  virtual ~set_var_base() {}
  virtual bool check(THD *thd)=0;	/* To check privileges etc. */
  virtual bool update(THD *thd)=0;	/* To set the value */
  virtual int check(THD *thd)=0;	/* To check privileges etc. */
  virtual int update(THD *thd)=0;	/* To set the value */
};


@@ -394,8 +394,8 @@ class set_var :public set_var_base
    else
      value=value_arg;
  }
  bool check(THD *thd);
  bool update(THD *thd);
  int check(THD *thd);
  int update(THD *thd);
};


@@ -408,8 +408,8 @@ class set_var_user: public set_var_base
  set_var_user(Item_func_set_user_var *item)
    :user_var_item(item)
  {}
  bool check(THD *thd);
  bool update(THD *thd);
  int check(THD *thd);
  int update(THD *thd);
};

/* For SET PASSWORD */
@@ -422,8 +422,8 @@ class set_var_password: public set_var_base
  set_var_password(LEX_USER *user_arg,char *password_arg)
    :user(user_arg), password(password_arg)
  {}
  bool check(THD *thd);
  bool update(THD *thd);
  int check(THD *thd);
  int update(THD *thd);
};


@@ -434,7 +434,7 @@ class set_var_password: public set_var_base
void set_var_init();
void set_var_free();
sys_var *find_sys_var(const char *str, uint length=0);
bool sql_set_variables(THD *thd, List<set_var_base> *var_list);
int sql_set_variables(THD *thd, List<set_var_base> *var_list);
void fix_delay_key_write(THD *thd, enum_var_type type);

extern sys_var_str sys_charset;
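Review bot: The `check()` and `update()` virtuals on `set_var_base` now return `int`, but their comments (`To check privileges etc.`, `To set the value`) say nothing about what the values mean, and the 0 / 1 / -1 convention is only written down above the definition of `sql_set_variables` in the implementation file. Since whether the error has already been sent to the client decides what the caller does next, the contract belongs on the base class, for example `/* Return 0 ok, 1 error (message already sent), -1 error (message not sent) */` above the two pure virtuals. The same applies to the `sql_set_variables` prototype at the end of this section.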