Re: INTO OUTFILE "filename" creates world writeable files

on 07.07.2003 16:16:28 by Neil Walker

Dear all

we're following up the discussions on mysqldump permissions between
John Warburton and Monty, 2001 - see:

http://lists.mysql.com/bugs/001

and are not quite sure the right forum in which to do so.

John wrote:

John> The examples I gave to reproduce the problem
John> and the subject of this bug report is that "SELECT INTO OUTFILE" is
John> creating *world writeable* (not just readable) files. I only found
John> this problem trying to use mysqldump.
>>
>> Sorry for misunderstanding this. I will see what I can do to fix so that
>> the file is only world readable in the next MySQL version.

This is still the case with mysqldump as of

Ver 8.22 Distrib 3.23.54, for sun-solaris2.8 (sparc)

Further, we think the following is a bug, rather than the security
misfeature that John was complaining of.

What we were trying to do was create a group, mysqldump, and put both
mysql and ourselves in it, so that we could reduce directory
permissions from 777 down to 770. This not only didn't work, it also
deleted a previous mysqldump .txt file.

[a] dump with 777 directory:

% ls -ld /home/dump_test/dump_dir
drwxrwxrwx 2 dumpuser mysqldump 512 Jul 7 14:53 /home/dump_test/dump_dir

% ls -l /home/dump_test/dump_dir
total 4
-rw-r----- 1 dumpuser staff 673 Jul 7 14:53 build.sql
-rw-rw-rw- 1 mysql mysql 452 Jul 7 14:53 build.txt

OK, as expected, odd perms acknowledged though unwelcome (we'd expect 644)

[b] with 775 directory:

% chmod o-w dump_dir/
% ls -ld /home/dump_test/dump_dir

drwxrwxr-x 2 dumpuser mysqldump 512 Jul 7 14:53 /home/dump_test/dump_dir

% mysqldump -p -u dumpuser -q -l --tab=/home/dump_test/dump_dir dbname build
Enter password:
mysqldump: Got error: 1: Can't create/write to file
'/home/dump_test/dump_dir/build.txt' (Errcode: 13) when executing
'SELECT INTO OUTFILE'

% ls -la /home/dump_test/dump_dir
total 6
drwxrwxr-x 2 dumpuser mysqldump 512 Jul 7 14:55 .
drwxrwxr-x 3 dumpuser mysqldump 512 Jul 7 14:04 ..
-rw-r----- 1 dumpuser staff 673 Jul 7 14:55 build.sql

So, mysql could write well enough to delete one of its own files, but not
to create one?

Cheers
Neil
------------------------------------------------------------ ---------
Neil Walker email: neil.walker@cimr.cam.ac.uk
JDRF/WT Diabetes and Inflammation tel: +44 (0)1223 763210
Laboratory fax: +44 (0)1223 762102
Cambridge, UK http://www-gene.cimr.cam.ac.uk/todd/
------------------------------------------------------------ ---------


--
MySQL Bugs Mailing List
For list archives: http://lists.mysql.com/bugs
To unsubscribe: http://lists.mysql.com/bugs?unsub=gcdmb-bugs@m.gmane.org

Re: INTO OUTFILE "filename" creates world writeable files

on 07.07.2003 21:09:22 by Sinisa Milivojevic

Neil Walker writes:
> Dear all
>

[skip]

> -rw-r----- 1 dumpuser staff 673 Jul 7 14:53 build.sql
> -rw-rw-rw- 1 mysql mysql 452 Jul 7 14:53 build.txt
>
> OK, as expected, odd perms acknowledged though unwelcome (we'd expect 644)
>
> [b] with 775 directory:
>
> % chmod o-w dump_dir/
> % ls -ld /home/dump_test/dump_dir
>
> drwxrwxr-x 2 dumpuser mysqldump 512 Jul 7 14:53
> /home/dump_test/dump_dir
>
> % mysqldump -p -u dumpuser -q -l
> --tab=/home/dump_test/dump_dir dbname build
> Enter password:
> mysqldump: Got error: 1: Can't create/write to file
> '/home/dump_test/dump_dir/build.txt' (Errcode: 13) when executing
> 'SELECT INTO OUTFILE'
>
> % ls -la /home/dump_test/dump_dir
> total 6
> drwxrwxr-x 2 dumpuser mysqldump 512 Jul 7 14:55 .
> drwxrwxr-x 3 dumpuser mysqldump 512 Jul 7 14:04 ..
> -rw-r----- 1 dumpuser staff 673 Jul 7 14:55 build.sql
>
> So, mysql could write well enough to delete one of its own files, but not
> to create one?
>
> Cheers
> Neil
> ------------------------------------------------------------ ---------
> Neil Walker email: neil.walker@cimr.cam.ac.uk
> JDRF/WT Diabetes and Inflammation tel: +44 (0)1223 763210
> Laboratory fax: +44 (0)1223 762102
> Cambridge, UK http://www-gene.cimr.cam.ac.uk/todd/
> ------------------------------------------------------------ ---------

Hi!

This is expected behaviour.

As you can see from the above output, user mysql belongs to group
mysql and not to group mysqldump.

As the .txt file is created by the server, which is running under the uid of mysql,
it simply has no permissions to write to that directory.

Deletion of the file was performed by the client program, mysqldump.

--

Regards,

--
For technical support contracts, go to https://order.mysql.com/?ref=msmi
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mr. Sinisa Milivojevic
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB
/_/ /_/\_, /___/\___\_\___/ Fulltime Developer and Support Coordinator
<___/ www.mysql.com Larnaca, Cyprus
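
The directory permission check behind the behaviour discussed in this thread, as an added example that is not part of the original messages or of MySQL's code. It models which permission class applies to the server (which creates the .txt file) and to the client (which deletes the old one); the client's group list and the function names are assumptions, and the owners and modes are taken from the ls output quoted above.

```python
import stat

def dir_entry_access(mode, owner, group, user, groups):
    """Model of the POSIX check for creating or unlinking a name in a directory.

    Only the first matching class (owner, then group, then other) is consulted,
    and it must grant both write and search (w+x). Root and the sticky bit are
    ignored; neither appears in the thread.
    """
    if user == owner:
        cls, need = "owner", stat.S_IWUSR | stat.S_IXUSR
    elif group in groups:
        cls, need = "group", stat.S_IWGRP | stat.S_IXGRP
    else:
        cls, need = "other", stat.S_IWOTH | stat.S_IXOTH
    return cls, (mode & need) == need

def world_writable(mode):
    """True when 'other' has write permission, as on the 666 build.txt."""
    return bool(mode & stat.S_IWOTH)

# Constructed from the ls output in the thread: directory dumpuser:mysqldump,
# build.txt owned by mysql:mysql. The client's group list is an assumption.
SERVER = ("mysql", {"mysql"})                    # mysqld writes the .txt file
CLIENT = ("dumpuser", {"staff", "mysqldump"})    # mysqldump removes the old one

def replay(dir_mode, server=SERVER, client=CLIENT):
    """Who may create (server) and delete (client) entries in dump_dir."""
    args = (dir_mode, "dumpuser", "mysqldump")
    return {
        "server_create": dir_entry_access(*args, *server),
        "client_delete": dir_entry_access(*args, *client),
    }

if __name__ == "__main__":
    for mode in (0o777, 0o775, 0o770):
        print(oct(mode), replay(mode))
    # 770 only works once the server's own uid is in the directory's group.
    print("0o770 +group", replay(0o770, server=("mysql", {"mysql", "mysqldump"})))
    print("build.txt 666 world-writable:", world_writable(0o666))
```

With the 775 directory the server falls into the "other" class and cannot create build.txt, while the client, as directory owner, can still remove the old file.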

