mariadb/mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt at bb-12.1-bar-MDEV-37408 - mirror/mariadb - May the force be without you: git.fucktheforce.de

mirror/mariadb

mirror of https://github.com/MariaDB/server.git synced 2025-10-31 02:46:29 +01:00

Kristofer Pettersson 21da523f17 Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders

"load data infile .."  allowed for access to 
unautohorized tables.
Due to a faulty if-statement it was possible to
circumvent the secure_file_priv restriction.


mysql-test/mysql-test-run.pl:
  * Add SECURE_LOAD_PATH environment variable to mtr test cases.
mysql-test/suite/sys_vars/r/secure_file_priv2.result:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2.test:
  * add test for bug58747
sql/sql_load.cc:
  * Correct faulty if-statement
  * fix indentation
  * move my_stat() block to after is_secure_file_path() check.

2010-12-16 11:49:40 +01:00

1 line

37 B

Text

Raw Permalink Blame History

--secure_file_priv=$SECURE_LOAD_PATH