Details
-
Bug
-
Status: Closed (View Workflow)
-
Blocker
-
Resolution: Fixed
-
5.5, 10.0, 10.1
-
None
-
5.5.51 & 10.2.2
Description
Earlier MySQL used to read my.cnf from three locations, in that order:
- /etc
- datadir
- $HOME/.my.cnf
The second is particularly unsafe, because datadir is writable by the mysqld server, and a user that can connect to MySQL can create my.cnf in the datadir using SELECT ... OUTFILE. Over time various safety mechanisms were implemented:
- mysqld no longer reads my.cnf in the datadir. Still, mysqld_safe.sh does and forces the server to, so if the server is started via mysqld_safe.sh, my.cnf in the datadir is still used.
- --secure-file-priv command-line option limits SELECT ... OUTFILE to the specified directory, it's recommended to set it outside of datadir
- SELECT ... OUTFILE creates files that are world-writable and mysqld refuses to read my.cnf if it is world-writable.
But as was recently discovered by Dawid Golunski, one can abuse @@general_log_file variable to create a my.cnf in the datadir, and it will be not created world-writable, so the both mysqld_safe and mysqld will read it on startup.
Attachments
Issue Links
- links to
