mysql: MySQL Security


X-RDate: Wed, 01 Apr 1998 09:18:19 +0600 (ESD)
Date: Tue, 31 Mar 1998 20:05:19 +0100
From: Ben Laurie <[email protected]>
To: [email protected]
Subject: Re: mysql: MySQL Security

Michael Widenius wrote:
>
> >>>>> "Sandu" == Sandu Mihai <[email protected]> writes:
>
> Sandu> When you use a certain mysql configuration it is possible to create
> Sandu> files on the system as root with rw-rw-rw.
<snip>
> The file is always created with 0666, by the following code:
>
> sql_class.cc:167:  if ((file=my_create(path, 0666, O_WRONLY, MYF(MY_WME))) < 0)
>
> Normally one should never run mysqld as root and one should always
> set a password for the MySQL root user.

Of course:

a) mysqld runs as root by default

b) if you've set the port <1024, so it gets filtered naturally by your
firewall, you have to run as root. The following patch fixes this
problem (on FreeBSD at least), if you add "MYSQL_USER=someuser; export
MYSQL_USER" to safe_mysqld.

Only lightly tested...

--- mysqld.cc.orig      Tue Mar 31 19:27:53 1998
+++ mysqld.cc   Tue Mar 31 19:35:59 1998
@@ -57,6 +57,8 @@
 #define SET_RLIMIT_NOFILE
 #endif

+#include <pwd.h>
+
 #define MAX_RETRY 10                   // Test accept this many times
 #define CONNECT_TIMEOUT 3              // Don't wait long for connect

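Review bot: the added `#include <pwd.h>` only covers getpwnam(); the new set_user() further down also calls geteuid(), setuid() and getenv(), so if mysqld.cc does not already include <unistd.h> and <stdlib.h>, add them here next to <pwd.h> rather than relying on them arriving indirectly through another header.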
@@ -291,6 +293,33 @@
   }
 }

+static void set_user()
+{
+  struct passwd *ent;
+  char *user;
+
+// don't bother if we aren't superuser
+  if(geteuid())
+    return;
+
+  if(!(user = getenv("MYSQL_USER")))
+    return;
+
+  if(!(ent = getpwnam(user)))
+  {
+    perror("getpwnam");
+    application_end();
+    unireg_abort(1);
+  }
+
+  if(setuid(ent->pw_uid) == -1)
+  {
+    perror("setuid");
+    application_end();
+    unireg_abort(1);
+  }
+}
+

 static void server_init(void)
 {
@@ -336,6 +365,9 @@
       application_end();
       unireg_abort(1);
     }
+
+    set_user();
+
     VOID(listen(ip_sock,(int) back_log));
   }

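Review bot: the call sits between the bind and `listen(ip_sock, ...)`, which is the right moment for a port below 1024, but it is inside the block that sets up ip_sock, so on any startup path where that block is not executed the server keeps running as root; a second, unconditional set_user() once all privileged setup is finished would close that gap. Note also that the patch does not touch the `my_create(path, 0666, ...)` call quoted at the top of the thread: after the drop those files are owned by MYSQL_USER instead of root, but they are still created world-writable.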
Cheers,

Ben.

--
Ben Laurie            |Phone: +44 (181) 735 0686|  Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org
and Technical Director|Email: [email protected] |
A.L. Digital Ltd,     |Apache-SSL author    http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache
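The privilege drop that the patch above sketches, written out as an added example (not code from Ben's message or from mysqld's sources; `drop_privileges` and the `drop_status` values are this example's own names): unlike set_user() it also drops the supplementary groups and the gid before the uid, refuses to "drop" to a uid 0 account, and verifies that root cannot be regained before reporting success.

```c
#define _DEFAULT_SOURCE 1   /* initgroups() prototype in glibc's <grp.h> */
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Result of drop_privileges(); anything but DROP_OK means "do not serve". */
enum drop_status {
    DROP_OK = 0,    /* irrevocably running as the target user and group */
    DROP_NOT_ROOT,  /* nothing to do: the process was never root */
    DROP_BAD_USER,  /* unknown user, or the target is itself uid 0 */
    DROP_FAILED,    /* initgroups()/setgid()/setuid() failed */
    DROP_REGAINED   /* calls succeeded, yet root is still obtainable */
};

/* Switch a root process to `user`, like the patch's set_user(), but also
 * drop the group list and verify the result. Call it after the privileged
 * bind() and before the server starts handling clients. */
enum drop_status drop_privileges(const char *user)
{
    if (geteuid() != 0)
        return DROP_NOT_ROOT;

    struct passwd *pw = getpwnam(user);
    if (pw == NULL) {
        /* getpwnam() returns NULL for "no such user" without setting errno,
         * so perror() here would print a stale or misleading message. */
        fprintf(stderr, "drop_privileges: unknown user '%s'\n", user);
        return DROP_BAD_USER;
    }
    if (pw->pw_uid == 0)
        return DROP_BAD_USER;   /* refuse to "drop" to a root-equivalent account */

    /* Order matters: supplementary groups and gid first, because once the
     * uid is unprivileged the process can no longer change them. */
    if (initgroups(user, pw->pw_gid) != 0 || setgid(pw->pw_gid) != 0 ||
        setuid(pw->pw_uid) != 0) {
        perror("drop_privileges");
        return DROP_FAILED;
    }

    /* As root, setuid() sets real, effective and saved uid at once, so the
     * drop is permanent; if root can still be re-acquired, it was not. */
    if (setuid(0) == 0 || geteuid() == 0)
        return DROP_REGAINED;
    return DROP_OK;
}
```

A return value other than DROP_OK should abort startup rather than let the daemon continue as root.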
