ROOT
DESCRIPTION
===========
If the .pid file is created at a world-writable location,
it can be compromised by replacing the server's pid with
another running server's (or some other non-mysql process)
PID causing abnormal behaviour.
ANALYSIS
========
In such a case, user should be warned that .pid file is
being created at a world-writable location.
FIX
===
A new function is_file_or_dir_world_writable() is defined
and it is called in create_pid_file() before .pid file
creation. If the location is world-writable, a relevant
warning is thrown.
NOTE
====
1. PID file is always created with permission bit 0664, so
for outside world its read-only.
2. Ignoring the case when permission is denied to get the
dir stats since the .pid file creation would fail anyway in
such a case.
Building with ninja shows the problem:
cmake .. -G Ninja
ninja
ninja: error: dependency cycle: sql/GenServerSource -> sql/CMakeFiles/GenServerSource -> sql/sql_builtin.cc -> cmake_order_depends_target_sq
sql/GenServerSource
Bug#16877045 5.6-CLUSTER-7.3 WIN32 SQL_YACC.CC BUILD PROBLEM
- Somewhat circular dependency caused by the configured files sql_builtin.cc being included as
part of the files to generate in sql/
- Move sql_builtin.cc out of GEN_SOURCES variable.
- Create new variable CONF_SOURCES to be used for configured files.
- the probably ultimate fix for dependencies on VS
- remove some GET_TARGET_PROPERTY(LOCATION ...), they are deprecated in
cmake 3.9
- simplify signing targets on Windows.
- remove INSTALL_DEBUG_TARGET, we do not mix binaries from different builds
in the same package
with Visual Studio
simplify logic, VS generator seems to have problems if generated file
(with ADD_CUSTOM_COMMAND) depends on another generated file.
So, the fix is just to have mysqld_lib.{def,lib,exp} to be generated in a
single ADD_CUSTOM_COMMAND rather than two steps.
Also, include fixes by Vladislav Vaintroub to the
aws_key_management plugin. The AWS C++ SDK specifically depends on
OPENSSL_LIBRARIES, not generic SSL_LIBRARIES (such as YaSSL).
To export symbols from the mysqld.exe, use lib.exe with /DEF, rather than
pre-link step when building mysqld.exe.
This helps to avoid relinking all plugins, if mysqld.exe was recompiled
but the list of its exports has not changed.
Also removed unnecessary DEPENDS in some ADD_CUSTOM_COMMAND (gen_lex_token,
gen_lex_hash etc). They confuse VS generator which tends to
recreate headers and do unnecessary recompilations.
in default installation.
Added plugin-dir to the [client] section of the generated my.ini,
so that installed services (MSI or mysql_install_db.exe) would be able to
find plugin directory.
The changes are deliberately kept minimal
- some functions are made global instead of static (they will be used in
xtrabackup later on)
- functions got additional parameter, deliberately unused for now :
fil_load_single_tablespaces
srv_undo_tablespaces_init
- Global variables added, also unused for now :
srv_archive_recovery
srv_archive_recovery_limit_lsn
srv_apply_log_only
srv_backup_mode
srv_close_files
- To make xtrabackup link with sql.lib on Windows, added some missing
source files to sql.lib
- Fixed os_thread_ret_t to be DWORD on Windows
