Already started working on the patch for this, but essentially I want to prevent certain users that have access to "masquerade" from switching to roles with higher privileges than they may currently have. The best way to accomplish this--as I understand now, is to restrict which roles each role is allowed to "masquerade as".
Would like some feedback on this as well.
FAILED: [[SimpleTest]]: [MySQL] Unable to apply patch interdiff_1171500-57-to-58.patch. Unable to apply patch. See the log in the details link for more information.
FAILED: [[SimpleTest]]: [MySQL] 17 pass(es), 20 fail(s), and 7 exception(s).