database/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-07-30 16:24:05 +03:00
Code Activity

Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders

Browse Source 
"load data infile .."  allowed for access to 
unautohorized tables.
Due to a faulty if-statement it was possible to
circumvent the secure_file_priv restriction.
This commit is contained in:
Kristofer Pettersson
2010-12-16 11:49:40 +01:00
parent f855f8467c
commit bef12c6ed1
5 changed files with 85 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
mysql-test/mysql-test-run.pl
View File

@ -2025,6 +2025,16 @@ sub environment_setup {
$ENV{'DEFAULT_MASTER_PORT'}= $mysqld_variables{'master-port'} || 3306;
$ENV{'MYSQL_TMP_DIR'}= $opt_tmpdir;
$ENV{'MYSQLTEST_VARDIR'}= $opt_vardir;
if (IS_WINDOWS)
{
$ENV{'SECURE_LOAD_PATH'}= $glob_mysql_test_dir."\\std_data";
}
else
{
$ENV{'SECURE_LOAD_PATH'}= $glob_mysql_test_dir."/std_data";
}
# ----------------------------------------------------
# Setup env for NDB