MySQL Lists: commits: svn commit - mysqldoc@docsrva: r11500 - in trunk: . dynamic-docs/changelog dynamic-docs/command-optvars refman-5.0 refman-5.1 refman-6.0

List:	Commits	« Previous Message Next Message »
From:	paul.dubois	Date:	August 5 2008 8:16pm
Subject:	svn commit - mysqldoc@docsrva: r11500 - in trunk: . dynamic-docs/changelog dynamic-docs/command-optvars refman-5.0 refman-5.1 refman-6.0
View as plain text
Author: paul
Date: 2008-08-05 20:16:29 +0200 (Tue, 05 Aug 2008)
New Revision: 11500

Log:
 r33229@frost:  paul | 2008-08-05 10:58:37 -0500
 Document bugfix:
 Bug#37428: Potential security issue with UDFs - linux shellcode execution
 
 This fix backports the plugin_dir system variable to 5.0, to apply to UDF
 loading. Document other places in 5.0 manual where this variable now applies.


Modified:
   trunk/dynamic-docs/changelog/mysqld-1.xml
   trunk/dynamic-docs/command-optvars/mysqld.xml
   trunk/refman-5.0/dba-core.xml
   trunk/refman-5.0/sql-syntax-server-administration.xml
   trunk/refman-5.1/dba-core.xml
   trunk/refman-6.0/dba-core.xml

Property changes on: trunk
___________________________________________________________________
Name: svk:merge
   - 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:35828
7d8d2c4e-af1d-0410-ab9f-b038ce55645b:/mysqldoc-local/mysqldoc:33227
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:14218
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:32656
   + 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:35828
7d8d2c4e-af1d-0410-ab9f-b038ce55645b:/mysqldoc-local/mysqldoc:33229
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:14218
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:32656


Modified: trunk/dynamic-docs/changelog/mysqld-1.xml
===================================================================
--- trunk/dynamic-docs/changelog/mysqld-1.xml	2008-08-05 15:58:10 UTC (rev 11499)
+++ trunk/dynamic-docs/changelog/mysqld-1.xml	2008-08-05 18:16:29 UTC (rev 11500)
Changed blocks: 1, Lines Added: 34, Lines Deleted: 0; 1256 bytes

@@ -23672,4 +23672,38 @@
 
   </logentry>
 
+  <logentry entrytype="feature">
+
+    <tags>
+      <highlight type="securityenhancement"/>
+      <manual type="user-defined-functions"/>
+      <manual type="plugin_dir"/>
+    </tags>
+
+    <bugs>
+      <fixes bugid="37428"/>
+    </bugs>
+
+    <versions>
+      <version ver="5.0.67"/>
+    </versions>
+
+    <message>
+
+      <para>
+        To enable stricter control over the location from which
+        user-defined functions can be loaded, the
+        <literal>plugin_dir</literal> system variable has been
+        backported from MySQL 5.1. If the value is non-empty,
+        user-defined function object files can be loaded only from the
+        directory named by this variable. If the value is empty, the
+        behavior that is used before 5.0.67 applies: The UDF object
+        files must be located in a directory that is searched by your
+        system's dynamic linker.
+      </para>
+
+    </message>
+
+  </logentry>
+
 </changelog>


Modified: trunk/dynamic-docs/command-optvars/mysqld.xml
===================================================================
--- trunk/dynamic-docs/command-optvars/mysqld.xml	2008-08-05 15:58:10 UTC (rev 11499)
+++ trunk/dynamic-docs/command-optvars/mysqld.xml	2008-08-05 18:16:29 UTC (rev 11500)
Changed blocks: 1, Lines Added: 3, Lines Deleted: 1; 579 bytes

@@ -14349,9 +14349,11 @@
     </values>
 
     <versions>
+      <manual version="5.0"/>
+      <introduced version="5.0.67"/>
       <manual version="5.1"/>
+      <introduced version="5.1.2"/>
       <manual version="6.0"/>
-      <introduced version="5.1.2"/>
     </versions>
 
   </mysqloption>


Modified: trunk/refman-5.0/dba-core.xml
===================================================================
--- trunk/refman-5.0/dba-core.xml	2008-08-05 15:58:10 UTC (rev 11499)
+++ trunk/refman-5.0/dba-core.xml	2008-08-05 18:16:29 UTC (rev 11500)
Changed blocks: 1, Lines Added: 18, Lines Deleted: 0; 1075 bytes

@@ -6317,7 +6317,25 @@
         </listitem>
 
         <listitem>
+          <para id="option_mysqld_plugin_dir">
+            <literal>plugin_dir</literal>
+          </para>
+
+          <para condition="dynamic:optvar:item" role="5.0:mysqld:plugin_dir"/>
+
           <para>
+            The pathname of the plugin directory. This variable was
+            added in MySQL 5.0.67. If the value is non-empty,
+            user-defined function object files must be located in this
+            directory. If the value is empty, the behavior that is used
+            before 5.0.67 applies: The UDF object files must be located
+            in a directory that is searched by your system's dynamic
+            linker.
+          </para>
+        </listitem>
+
+        <listitem>
+          <para>
             <literal>port</literal>
           </para>
 


Modified: trunk/refman-5.0/sql-syntax-server-administration.xml
===================================================================
--- trunk/refman-5.0/sql-syntax-server-administration.xml	2008-08-05 15:58:10 UTC (rev
11499)
+++ trunk/refman-5.0/sql-syntax-server-administration.xml	2008-08-05 18:16:29 UTC (rev
11500)
Changed blocks: 1, Lines Added: 6, Lines Deleted: 2; 1061 bytes

@@ -2919,8 +2919,12 @@
       <para>
         <replaceable>shared_library_name</replaceable> is the basename
         of the shared object file that contains the code that implements
-        the function. The file must be located in a directory that is
-        searched by your system's dynamic linker.
+        the function. As of MySQL 5.0.67, the file must be located in
+        the plugin directory. This directory is given by the value of
+        the <literal>plugin_dir</literal> system variable. If the value
+        of <literal>plugin_dir</literal> is empty, the behavior that is
+        used before 5.0.67 applies: The file must be located in a
+        directory that is searched by your system's dynamic linker.
       </para>
 
       <para>


Modified: trunk/refman-5.1/dba-core.xml
===================================================================
--- trunk/refman-5.1/dba-core.xml	2008-08-05 15:58:10 UTC (rev 11499)
+++ trunk/refman-5.1/dba-core.xml	2008-08-05 18:16:29 UTC (rev 11500)
Changed blocks: 1, Lines Added: 1, Lines Deleted: 1; 571 bytes

@@ -6649,7 +6649,7 @@
           <para condition="dynamic:optvar:item" role="5.1:mysqld:plugin_dir"/>
 
           <para>
-            The pathname of the plugins directory. This variable was
+            The pathname of the plugin directory. This variable was
             added in MySQL 5.1.2.
           </para>
         </listitem>


Modified: trunk/refman-6.0/dba-core.xml
===================================================================
--- trunk/refman-6.0/dba-core.xml	2008-08-05 15:58:10 UTC (rev 11499)
+++ trunk/refman-6.0/dba-core.xml	2008-08-05 18:16:29 UTC (rev 11500)
Changed blocks: 1, Lines Added: 1, Lines Deleted: 1; 502 bytes

@@ -6511,7 +6511,7 @@
           <para condition="dynamic:optvar:item" role="6.0:mysqld:plugin_dir"/>
 
           <para>
-            The pathname of the plugins directory.
+            The pathname of the plugin directory.
           </para>
         </listitem>
Thread
• svn commit - mysqldoc@docsrva: r11500 - in trunk: . dynamic-docs/changelog dynamic-docs/command-optvars refman-5.0 refman-5.1 refman-6.0	paul.dubois	5 Aug