[MDEV-13353] CONNECT engine table_type=JDBC should not require FILE priv - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 10.1.25
Fix Version/s: 10.0.35, 10.1.32, 10.2.14, 10.3.6
Component/s: Storage Engine - Connect
Labels:
None
Environment:
CentOS7 on Google Compute Engine

Description

For security reasons it would be great if we did not have to grant FILE permission to everyone who uses a CONNECT JDBC table. Currently we have to grant FILE to all users, even non-administrators, which increases the chance of data being leaked by accident. We do use secure_file_priv to help this, but ideally no user would need FILE priv, or if that isn't possible for some reason, at least not require FILE to use a connect JDBC table.

Attachments

Issue Links

is duplicated by

MDEV-4500 ConnectSE: Excessive FILE privilege requirement for read-only operations

Open

Activity

People

Assignee:: Olivier Bertrand

Reporter:: Robert Dyas

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2017-07-19 15:11

Updated:: 2018-04-26 12:15

Resolved:: 2018-02-26 21:50

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.