Details
-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 5.5, 10.0, 10.1, 10.2, 10.3
-
Component/s: Platform Windows, Server
-
Labels:None
Description
If server creates named pipe, it is using NULL DACL via
SetSecurityDescriptorDacl(&sdPipeDescriptor, TRUE, NULL, FALSE)
in mysqld.cc
The documentation for SetSecurityDescriptorDacl() states following about NULL DACL. :
"All access is allowed. You should not use a NULL DACL with an object because any user can change the DACL and owner of the security descriptor. This will interfere with use of the object."