[#MDEV-395] PR_SET_DUMPABLE set in unreachable code

[MDEV-395] PR_SET_DUMPABLE set in unreachable code Created: 2012-07-13 Updated: 2012-09-02 Resolved: 2012-09-02
Status:	Closed
Project:	MariaDB Server
Component/s:	None
Affects Version/s:	5.5.25
Fix Version/s:	5.5.27

Type:

Bug

Priority:

Minor

Reporter:

Hartmut Holzgraefe

Assignee:

Sergei Golubchik

Resolution:

Fixed

Votes:

Labels:

None

Environment:

linux

Attachments:

patch-prctl.txt

Description

There has been a patch in MySQL 5.0.44 (see mysql bugs #21723 / #21361) that would enable core dumps on Linux even when setuid() was used on mysqld by setting "prctl(PR_SET_DUMPABLE, 1);"

This is actually dead code though as it was placed behind the final error handling block in the check_user() function in sql/mysqld.cc, right after an unconditional unireg_abort() call. So this can never actually have worked.

Proposed fix: call prctl() directly after changing the user id in set_user()/set_effective_user() instead. (this is actually the place where Deans patch from bug #21723 suggested to add the pcrtl() call, no idea why it was added in a completely different place instead ...)

Generated at Thu Feb 08 06:28:25 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-395] PR_SET_DUMPABLE set in unreachable code Created: 2012-07-13 Updated: 2012-09-02 Resolved: 2012-09-02