From: Sergei Golubchik
Date: March 13 2003 4:40pm
Subject: Re: [packagers] Re: MySQL user can be changed to root (fwd)
List-Archive: http://lists.mysql.com/packagers/87
Message-Id: <20030313164011.GA82989@serg.mysql.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii

Hi!

On Mar 13, Dmitry V. Levin wrote:
> On Thu, Mar 13, 2003 at 02:46:10PM +0100, Lenz Grimmer wrote:
> >
> > Anyway, even though the current patch indeed allows one to change the file
> > permissions between time of check and time of use, it's a hypothetical
> > issue. Only the file owner can change the permissions! A malicious user
> > would need to be the owner of that file, before he could do that.
>
> Btw, check for file ownership is also missing.
> I've added
>     if (!getuid() && stat_info.st_uid) /* for root, ignore files owned by non-root */
>         return 0;

It was intentional. Unfortunately, there are too many setups where
everything in datadir/ is owned by mysql user. Yes, it's bad, but we
cannot introduce changes in 3.23 that will break many existing
installations.

> > So I am not sure, if we would gain anything here by using fstat()
>
> You'll get a bit more secure code. :)

I cannot see how fstat() can make the code even slightly secure.
What is the scenario where changing stat() to fstat() can help?

Regards,
Sergei

-- 
MySQL Development Team
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /   Sergei Golubchik
 / /|_/ / // /\ \/ /_/ / /__  MySQL AB, http://www.mysql.com/
/_/  /_/\_, /___/\___\_\___/  Osnabrueck, Germany
       <___/