[MDEV-7596] audit plugin - record full query / document line length / make buffer configurable - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.1.1, 5.5(EOL), 10.0(EOL)
Fix Version/s: 5.5.43
Component/s: Plugin - Audit
Labels:
- server_audit

Description

Hey,

the audit plugin "should" record every part of the query. the current implementation is using a static buffer to shorten the query part. since an audit is used to detect problems or hacking attempts, the audit plugin is unusable. the current size of the buffer is 768 and should be dynamic by default or atleast configurable.
especially on hacking attacks the last part (where clause) is modified but this part is not part of the audit line. in addition this should be added to the documentation.

https://github.com/MariaDB/server/blob/10.1/plugin/server_audit/server_audit.c#L1018

Attachments

Activity

People

Assignee:: Alexey Botchkov

Reporter:: Hans-Joachim Kliemeck

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2015-02-16 18:55

Updated:: 2015-03-31 12:53

Resolved:: 2015-03-31 12:53

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.