mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-01-21 06:22:28 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
mariadb/mysql-test/suite/sys_vars/r/secure_file_priv2.result
Kristofer Pettersson 21da523f17 Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders 
"load data infile .."  allowed for access to 
unautohorized tables.
Due to a faulty if-statement it was possible to
circumvent the secure_file_priv restriction.


mysql-test/mysql-test-run.pl:
  * Add SECURE_LOAD_PATH environment variable to mtr test cases.
mysql-test/suite/sys_vars/r/secure_file_priv2.result:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt:
  * add test for bug58747
mysql-test/suite/sys_vars/t/secure_file_priv2.test:
  * add test for bug58747
sql/sql_load.cc:
  * Correct faulty if-statement
  * fix indentation
  * move my_stat() block to after is_secure_file_path() check.
2010-12-16 11:49:40 +01:00

6 lines
346 B
Text
Raw Blame History

CREATE TABLE t1 (c1 INT);
LOAD DATA INFILE "t1.MYI" into table t1;
ERROR HY000: The MySQL server is running with the --secure-file-priv option so it cannot execute this statement
LOAD DATA INFILE "/test" into table t1;
ERROR HY000: The MySQL server is running with the --secure-file-priv option so it cannot execute this statement
DROP TABLE t1;
Reference in a new issue View git blame Copy permalink