[#CONJ-305] Add LOAD DATA LOCAL INFILE security filter function

[CONJ-305] Add LOAD DATA LOCAL INFILE security filter function Created: 2016-05-27 Updated: 2016-06-29 Resolved: 2016-06-28
Status:	Closed
Project:	MariaDB Connector/J
Component/s:	Other
Affects Version/s:	None
Fix Version/s:	1.5.0-RC

Type:

Task

Priority:

Major

Reporter:

Diego Dupin

Assignee:

Diego Dupin

Resolution:

Fixed

Votes:

Labels:

None

Description

Problem is using "LOAD DATA LOCAL INFILE" (ie : loading a file from client), may be a security problem :

if server sources has been changed, server mays asked for a different file than the file in query.
if someone has can execute query from client, he can have access to any file on client (according to the rights of the user running the client process).

Solution is to add a callback function that can validate file /directory structure.

Comments

Comment by Vladislav Vaintroub [ 2016-06-08 ]

The actual threat is a "man in the middle", some kind of mysqld proxy server, that would redirect queries to the actual server, and return the correct resuls, so user does not notice, but also read all files from your disk that are readable by JDBC running proces. To accomplish this, it would just need to send additional "give me that file" packet that is usually sent by LOAD DATA LOCAL INFILE.

Comment by Diego Dupin [ 2016-06-28 ]

commit : https://github.com/MariaDB/mariadb-connector-j/commit/ee647fb798359ef79f335ac04f7b5ab9c8048256

Generated at Thu Feb 08 03:14:41 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[CONJ-305] Add LOAD DATA LOCAL INFILE security filter function Created: 2016-05-27 Updated: 2016-06-29 Resolved: 2016-06-28