From: Sergei Golubchik Date: February 6 2009 9:24am Subject: Re: bzr commit into mysql-5.1-bugteam branch (alfranio.correia:2768) Bug#38174 List-Archive: http://lists.mysql.com/commits/65443 Message-Id: <20090206092424.GA9308@janus.mylan> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Hi, Alfranio! On Feb 06, Alfranio Correia wrote: > Hi Sergei, > > Thank you for the comments. > Can I assign you as formal reviewer of the bug report? Yes, feel free to. > Sergei Golubchik wrote: > > On Feb 05, Alfranio Correia wrote: > >> 2768 Alfranio Correia 2009-02-05 > >> BUG#38174 secure-file-priv breaks LOAD DATA INFILE replication > >> in statement mode > >> > >> If secure-file-priv was set on slave, it became unable to > >> execute LOAD DATA INFILE statements sent from master using mixed > >> or statement-based replication. > >> > >> This patch fixes the issue by ignoring this security restriction > >> while executing the SQL Thread. > > > > I don't think it's a good idea. The restriction was there for a reason > > and I'm not at all sure that one cannot exploit your fix by breaking out > > of jail and reading files that should be not accessible otherwise. > > > > To play it safe you need to ignore the restriction differently: > > in the normal query thread you check opt_secure_file_priv as before, in > > the slave thread, ignore opt_secure_file_priv, and (!) independently of > > opt_secure_file_priv you verify that you load from > > > > CONCAT(tmpdir, "SQL_LOAD-") > > > > (and would be a good idea to move "SQL_LOAD-" to a constant, it's > > currently used in two places as a string literal). > > > > Regards / Mit vielen Gr??en, > > Sergei > > > > > Let me see if I understood you correctly. Are you proposing something > like this, aren't you? > > if (thd->slave_thread) > { > string = concat(tmpdir,"SQL_LOAD-"); > if (strncmp(tmpdir) { > raise an exception; > } > } > else if (opt_secure_file_priv && > strncmp(opt_secure_file_priv, name, strlen(opt_secure_file_priv))) > { > raise an exception; > } Yes. Regards / Mit vielen Grüßen, Sergei -- __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Sergei Golubchik / /|_/ / // /\ \/ /_/ / /__ Principal Software Engineer/Server Architect /_/ /_/\_, /___/\___\_\___/ Sun Microsystems GmbH, HRB München 161028 <___/ Sonnenallee 1, 85551 Kirchheim-Heimstetten Geschäftsführer: Thomas Schroeder, Wolfgang Engels, Dr. Roland Boemer Vorsitzender des Aufsichtsrates: Martin Häring