4389 Nirbhay Choubey 2012-08-31 [merge]
Merge of patch for Bug#14513708 from mysql-5.6.
modified:
client/mysql_config_editor.cc
mysys_ssl/my_default.cc
4388 Vasil Dimov 2012-08-30 [merge]
Null merge mysql-5.6 into mysql-trunk
This is the backport of WL#6347, the same code is already in mysql-trunk.
=== modified file 'client/mysql_config_editor.cc'
--- a/client/mysql_config_editor.cc 2012-07-13 14:29:59 +0000
+++ b/client/mysql_config_editor.cc 2012-08-30 18:35:44 +0000
@@ -366,7 +366,6 @@ static my_bool check_and_create_login_fi
const int access_flag= (O_RDWR | O_BINARY);
const ushort create_mode= (S_IRUSR | S_IWUSR );
- const ushort create_mode_all= (S_IRWXU | S_IRWXG | S_IRWXO);
/* Get the login file name. */
if (! my_default_get_login_file(my_login_file, sizeof(my_login_file)))
@@ -418,7 +417,7 @@ static my_bool check_and_create_login_fi
#ifdef _WIN32
if (1)
#else
- if (!(create_mode ^ (stat_info.st_mode & create_mode_all)))
+ if (!(stat_info.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO)))
#endif
{
verbose_msg("File has the required permission.\nOpening the file.\n");
=== modified file 'mysys_ssl/my_default.cc'
--- a/mysys_ssl/my_default.cc 2012-08-03 17:38:02 +0000
+++ b/mysys_ssl/my_default.cc 2012-08-30 18:29:28 +0000
@@ -155,6 +155,7 @@ static int search_default_file_with_ext(
const char *dir, const char *ext,
const char *config_file, int recursion_level);
static my_bool mysql_file_getline(char *str, int size, MYSQL_FILE *file);
+static int check_file_permissions(const char *file_name);
/**
@@ -861,7 +862,7 @@ static int search_default_file_with_ext(
MYSQL_FILE *fp;
uint line=0;
my_bool found_group=0;
- uint i;
+ uint i, rc;
MY_DIR *search_dir;
FILEINFO *search_file;
@@ -879,25 +880,10 @@ static int search_default_file_with_ext(
strmov(name,config_file);
}
fn_format(name,name,"","",4);
-#if !defined(__WIN__)
- {
- MY_STAT stat_info;
- if (!my_stat(name,&stat_info,MYF(0)))
- return 1;
- /*
- Ignore world-writable regular files.
- This is mainly done to protect us to not read a file created by
- the mysqld server, but the check is still valid in most context.
- */
- if ((stat_info.st_mode & S_IWOTH) &&
- (stat_info.st_mode & S_IFMT) == S_IFREG)
- {
- fprintf(stderr, "Warning: World-writable config file '%s' is ignored\n",
- name);
- return 0;
- }
- }
-#endif
+
+ if ((rc= check_file_permissions(name)) < 2)
+ return (int) rc;
+
if (is_login_file)
{
if ( !(fp = mysql_file_fopen(key_file_cnf, name, (O_RDONLY | O_BINARY),
@@ -1464,3 +1450,48 @@ int my_default_get_login_file(char *file
return 1;
}
+
+/**
+ Check file permissions of the option file.
+
+ @param file_name [in] Name of the option file.
+
+ @return 0 - Non-allowable file permissions.
+ 1 - Failed to stat.
+ 2 - Success.
+*/
+static int check_file_permissions(const char *file_name)
+{
+#if !defined(__WIN__)
+ MY_STAT stat_info;
+
+ if (!my_stat(file_name,&stat_info,MYF(0)))
+ return 1;
+ /*
+ Ignore .mylogin.cnf file if not exclusively readable/writable
+ by current user.
+ */
+ if (is_login_file && (stat_info.st_mode & (S_IXUSR | S_IRWXG | S_IRWXO))
+ && (stat_info.st_mode & S_IFMT) == S_IFREG)
+ {
+ fprintf(stderr, "Warning: %s should be readable/writable only by "
+ "current user.\n", file_name);
+ return 0;
+ }
+ /*
+ Ignore world-writable regular files.
+ This is mainly done to protect us to not read a file created by
+ the mysqld server, but the check is still valid in most context.
+ */
+ else if ((stat_info.st_mode & S_IWOTH) &&
+ (stat_info.st_mode & S_IFMT) == S_IFREG)
+
+ {
+ fprintf(stderr, "Warning: World-writable config file '%s' is ignored\n",
+ file_name);
+ return 0;
+ }
+#endif
+ return 2; /* Success */
+}
+
No bundle (reason: useless for push emails).
| Thread |
|---|
| • bzr push into mysql-trunk branch (nirbhay.choubey:4388 to 4389) Bug#14513708 | Nirbhay Choubey | 30 Aug |
