[MDEV-16963] Tighten named pipe access control Created: 2018-08-13 Updated: 2018-08-13 Resolved: 2018-08-13 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Platform Windows, Server |
| Affects Version/s: | 5.5, 10.0, 10.1, 10.2, 10.3 |
| Fix Version/s: | 5.5.62, 10.0.37, 10.1.36, 10.2.18, 10.3.10 |
| Type: | Bug | Priority: | Major |
| Reporter: | Vladislav Vaintroub | Assignee: | Vladislav Vaintroub |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | None | ||
| Description |
|
If server creates named pipe, it is using NULL DACL via SetSecurityDescriptorDacl(&sdPipeDescriptor, TRUE, NULL, FALSE) in mysqld.cc The documentation for SetSecurityDescriptorDacl() states following about NULL DACL. : "All access is allowed. You should not use a NULL DACL with an object because any user can change the DACL and owner of the security descriptor. This will interfere with use of the object." |