List:Internals« Previous MessageNext Message »
From:Michael Widenius Date:February 10 2002 11:46pm
Subject:Re: load data local ... security issue
View as plain text  
Hi!

>>>>> "Sinisa" == Sinisa Milivojevic <sinisa@stripped> writes:

Sinisa> On Wed, 06 Feb 2002 12:39:03 +0200
Sinisa> Alexander Keremidarski <salle@stripped> wrote:

>> LOAD DATA LOCAL INFILE ''

<cut>

Sinisa> Yes, we know about that scenario.

Sinisa> Temporary fix is that all important files should be readable by root (system
> root) only.

Sinisa> MySQL fix will be to drop LOCAL, when processing LOAD DATA, when both client
> and server are on the same computer.

No, this will not produce the desirable result.

We will instead introduce a new privilege in MySQL 4.0 that can be
used to disable LOAD DATA LOCAL...
(We will also add an option to disable this in MySQL 3.23)

Regards,
Monty
Thread
load data local ... security issueAlexander Keremidarski6 Feb
  • Re: load data local ... security issueSinisa Milivojevic6 Feb
    • Re: load data local ... security issueMichael Widenius11 Feb
  • Re: load data local ... security issueAlexander Keremidarski6 Feb
  • Re: load data local ... security issueAlexander Keremidarski7 Feb
    • Re: load data local ... security issueSinisa Milivojevic7 Feb
  • Re: load data local ... security issueColin Faber7 Feb
RE: load data local ... security issueThe Tilghman7 Feb