List:General Discussion« Previous MessageNext Message »
From:Ed Carp Date:March 17 1999 12:11am
Subject:Re: [spam 03.32/10.00 -pobox] Mode setting on my_mkdir
View as plain text  
>In mysql_create_db (in sql/sql_db.cc), a new directory is created with mode
>0700.  Is this intentional?  It seems to me like the mode should be either
>711 or 755, since the table files inside each database directory are
>world-readable, but can't be accessed due to directory permissions.


An easier way to find this out (without posting, I might add) is to look at
(1) if mysqld is run suid, and (2) who owns the files in question.  Of
course, one could just go back a few days and read a similar question on the
list.

>My MySQL server needs to be backed up over a network, but the NFS-mounted
>directories won't allow my backup script to read the database files until I
>go in and change each directory to world-executable by hand.


Then you probably want to fix the way the directories are exported on the
host, if changing it is going to break the security model.

>Is this an oversight or an intentionally strict security model?  If the
>former, then I think that the directories should be created with mode 755.
>If the latter, then the .ISD, .ISM, and .frm files should be created with
>mode 500.


I think you mean 600, don't you?

Thread
Re: [spam 03.32/10.00 -pobox] Mode setting on my_mkdirEd Carp17 Mar