Hello everyone,
I was wondering if anyone could help me out and explain a bit about the
FILE permissions and how they relate to two particular scenarios:
In both cases MySQL is running on SunOS 5.7 and running MySQL client
version 3.22.23b
MySQL UserA has permissions only on DatabaseA and is granted FILE
permissions to all tables in that database
Scenario 1:
If UserA connects to the database using the MySQL client
What are the restrictions on what files that user can access using a LOAD
DATA command? Are they dependent at all on the UNIX file permissions for
the user who is logged in and actually connects to the database using the
"mysql -u..." etc command? Do the UNIX permissions for the user that
started the MySQL server have any effect on this? Is there anything
configuration wise that might allow LOADing in other DBs or system
files? What defines where outfiles can be written?
Scenario 2:
If UserA's credentials are used to connect to the MySQL database using the
Perl DBI
Same question, what factors influence what files can be read in using a
LOAD DATA command? What defines where outfiles can be written?
In both scenarios is there anything that can compromise this security such
as the MySQL server running as root? (I know that's a big no-no)
Also, I know I'm running an ancient version of MySQL, can anyone help me
find out when that version was released? 3.22.23b? It will help me
convince the right people that it's time for an upgrade! I've checked in
the release notes section but I can't find anything about when particular
releases were made...
Thanks,
-Chris
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
