mariadb

mirror/mariadb

Fork 0

mirror of https://github.com/MariaDB/server.git synced 2025-01-31 02:51:44 +01:00

Commit graph

Author	SHA1	Message	Date
Kristofer Pettersson	21da523f17	Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders "load data infile .." allowed for access to unautohorized tables. Due to a faulty if-statement it was possible to circumvent the secure_file_priv restriction. mysql-test/mysql-test-run.pl: * Add SECURE_LOAD_PATH environment variable to mtr test cases. mysql-test/suite/sys_vars/r/secure_file_priv2.result: * add test for bug58747 mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt: * add test for bug58747 mysql-test/suite/sys_vars/t/secure_file_priv2.test: * add test for bug58747 sql/sql_load.cc: * Correct faulty if-statement * fix indentation * move my_stat() block to after is_secure_file_path() check.	2010-12-16 11:49:40 +01:00

Author

SHA1

Message

Date

Kristofer Pettersson

21da523f17

Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders

"load data infile .."  allowed for access to 
unautohorized tables.
Due to a faulty if-statement it was possible to
circumvent the secure_file_priv restriction.


mysql-test/mysql-test-run.pl:
  * Add SECURE_LOAD_PATH environment variable to mtr test cases.
mysql-test/suite/sys_vars/r/secure_file_priv2.result:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2.test:
  * add test for bug58747
sql/sql_load.cc:
  * Correct faulty if-statement
  * fix indentation
  * move my_stat() block to after is_secure_file_path() check.

2010-12-16 11:49:40 +01:00

1 commit