[#MCOL-5182] Security injection in cmapi s3load

[MCOL-5182] Security injection in cmapi s3load Created: 2022-08-09 Updated: 2022-10-26 Resolved: 2022-08-18
Status:	Closed
Project:	MariaDB ColumnStore
Component/s:	None
Affects Version/s:	None
Fix Version/s:	None

Type:

Bug

Priority:

Blocker

Reporter:

Leonid Fedorov

Assignee:

Leonid Fedorov

Resolution:

Fixed

Votes:

Labels:

None

Description

{{ columnstore_dataload("test", "test; touch /pawned", "mdb-s3-test") |}}

{{➜ / ls -al /pawned
~~rw-r~~r- 1 root root 0 Aug 9 08:27 /pawned
}}

Generated at Thu Feb 08 02:55:57 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.