Bug#377007: mysql-server-4.1: umask ignored

Thu, 06 Jul 2006 00:20:45 -0700 

Package: mysql-server-4.1
Version: 4.1.15-1
Severity: grave
Tags: security
Justification: user security hole

Hello,

I just ran a query 'select into outfile' on a vanilla Sarge install as
user root with umask 027. The MySQL server itself has umask 077 in it's
start script. Nevertheless, the exported file ended up having mode 0666
instead of 0640 or 0600, as expected. I consider this a security hole
because it allows not only unwarranted read access, but also
undetectable modification of such an export file if this file is eg.
created in /tmp.

Workaround: Create a directory that allows only root and mysql access,
and export to a file into this directory.


Best,
--Toni++


-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-686-smp
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages mysql-server-4.1 depends on:
ii  adduser          3.85                    Add and remove users and groups
ii  debconf [debconf 1.4.72                  Debian configuration management sy
ii  libc6            2.3.6-5                 GNU C Library: Shared libraries an
ii  libdbi-perl      1.50-2                  Perl5 database interface by Tim Bu
ii  libgcc1          1:4.1.0-1               GCC support library
ii  libmysqlclient14 4.1.15-1                mysql database client library
ii  libncurses5      5.5-1                   Shared libraries for terminal hand
ii  libreadline5     5.1-7                   GNU readline and history libraries
ii  libstdc++6       4.1.0-1                 The GNU Standard C++ Library v3
ii  libwrap0         7.6.dbs-9               Wietse Venema's TCP wrappers libra
ii  mailx            1:8.1.2-0.20050715cvs-1 A simple mail user agent
ii  mysql-client-5.0 5.0.19-3                mysql database client binaries
ii  mysql-common     5.0.19-3                mysql database common files (e.g. 
ii  passwd           1:4.0.15-2              change and administer password and
ii  perl             5.8.8-3                 Larry Wall's Practical Extraction 
ii  psmisc           22.2-1                  Utilities that use the proc filesy
ii  zlib1g           1:1.2.3-11              compression library - runtime

mysql-server-4.1 recommends no packages.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to