[Bug 375371] Re: MySQL must not use /tmp

Clint Byrum clint at fewbar.com
Mon Aug 16 17:44:49 BST 2010


I like it. The FILE permission has caused me quite a bit of pain in the
past, and quite a few shops just run mysql with 'ALL PRIVILEGES ON *.*'
for their app users because they don't want to deal with grants or don't
understand.

The only issue would be that if users actually depend on the ability to
export files from mysql in this way, they will have to grant the reading
processes access to the mysql group, or change /var/tmp/mysql to an
alternate group (the files are always created 666).

I just tested this and it works fine without the user-tmp abstraction,
by setting tmpdir=/var/tmp/mysql and making sure the directory exists in
the upstart script.

mysql> select * into outfile '/var/tmp/user.txt' from mysql.user;
ERROR 1 (HY000): Can't create/write to file '/var/tmp/user.txt' (Errcode: 13)
mysql> select * into outfile '/var/tmp/mysql/user.txt' from mysql.user;
Query OK, 5 rows affected (0.00 sec)

mysql> select * into outfile '/tmp/user.txt' from mysql.user;
ERROR 1 (HY000): Can't create/write to file '/tmp/user.txt' (Errcode: 13)
mysql> 

I'm hesitant to break the FILE privilege's basic assumptions, but at the
same time, I'd rather restrict that functionality and close a door for
common exploits.

Can anyone else comment on that?

-- 
MySQL must not use /tmp
https://bugs.launchpad.net/bugs/375371
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to mysql-dfsg-5.1 in ubuntu.
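
Setting up the private tmpdir the message above describes, as an added example that is not part of the bug thread or of Ubuntu's mysql packaging: a POSIX shell fragment that creates /var/tmp/mysql the way an upstart pre-start stanza would, checks that the directory grants nothing to "other" (so it is not a shared scratch area like /tmp), and prints the matching my.cnf lines. The function names, the default owner/group mysql:mysql and the mode 0770 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the bug thread). /var/tmp/mysql is the path the
# thread uses; owner/group/mode defaults are assumptions of this example.

# Create DIR owned by OWNER:GROUP with MODE (default 0770): the mysql user
# and group can use it, everyone else is kept out. This is what an upstart
# "pre-start script ... end script" stanza would run before mysqld starts.
setup_mysql_tmpdir() {
    dir=$1; owner=${2:-mysql}; group=${3:-mysql}; mode=${4:-0770}
    mkdir -p "$dir" || return 1
    chown "$owner:$group" "$dir" || return 1
    chmod "$mode" "$dir" || return 1
}

# Return 0 if DIR exists and grants no permissions to "other", i.e. it is
# not a world-writable scratch area like /tmp (drwxrwxrwt). The first ten
# characters of "ls -ld" are the mode string; columns 8-10 are "other".
check_private_tmpdir() {
    dir=$1
    [ -d "$dir" ] || return 1
    other=$(ls -ld "$dir" | cut -c8-10)
    [ "$other" = "---" ]
}

# Lines for a file under /etc/mysql/conf.d/ that point the server's
# temporary files (and INTO OUTFILE targets) at the private directory.
print_mysql_conf() {
    printf '[mysqld]\ntmpdir = %s\n' "$1"
}
```

Because files written by INTO OUTFILE are created 666, only processes in the directory's group can reach them afterwards, which is the trade-off the message notes.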