Re: INTO OUTFILE "filename" creates world writeable files

Dear Sinisa

thanks for your reply.

> As you can see from the above output, user mysql belongs to group
> mysql and not to group mysqldump.

Um, we'd already fixed that:

% groups mysql
mysql mysqldump

>As .txt file is created by server, who is running by the uid of mysql,
>it simply has no permissions to write to that directory.

We tried this "by hand" as user mysql, and it worked. Also, the fact
that mysql can delete a file, means it can write one, at least that's
my understanding of UNIX perms.

It seems that mysqldump:

[a] deletes without checking perms (line 996 of mysqldump.c, my_delete)
[b] attempts to create a file via mysql_query(), which fails

A truss of an attempt to run this in my home directory reveals the
successful delete and the failed socket.

------------- Begin Included Message -------------

5299: unlink("/home/neil/tmp/build.txt") = 0
5299: fstat64(3, 0xFFBEE740) = 0
5299: getsockopt(3, 65535, 8192, 0xFFBEE840, 0xFFBEE83C, 0) = 0
5299: setsockopt(3, 65535, 8192, 0xFFBEE840, 4, 0) = 0
5299: fcntl(3, F_SETFL, 0x00000082) = 0
5299: read(3, 0x0003A260, 1047551) Err#11 EAGAIN

------------- End Included Message -------------

So is this a socket issue? Or that the socket is looking for
unnecessary world-writeable permissions? I'm running this on:

% uname
SunOS dbhost 5.8 Generic_108528-18 sun4u sparc SUNW,Ultra-Enterprise

Yours
Neil
------------------------------------------------------------ ---------
Neil Walker email: neil.walker@cimr.cam.ac.uk
JDRF/WT Diabetes and Inflammation tel: +44 (0)1223 763210
Laboratory fax: +44 (0)1223 762102
Cambridge, UK http://www-gene.cimr.cam.ac.uk/todd/
------------------------------------------------------------ ---------


--
MySQL Bugs Mailing List
For list archives: http://lists.mysql.com/bugs
To unsubscribe: http://lists.mysql.com/bugs?unsub=gcdmb-bugs@m.gmane.org

Re: INTO OUTFILE "filename" creates world writeable files

Neil Walker writes:
> Dear Sinisa
>
> thanks for your reply.
>
> > As you can see from the above output, user mysql belongs to group
> > mysql and not to group mysqldump.
>
> Um, we'd already fixed that:
>
> % groups mysql
> mysql mysqldump
>
> >As .txt file is created by server, who is running by the uid of mysql,
> >it simply has no permissions to write to that directory.
>
> We tried this "by hand" as user mysql, and it worked. Also, the fact
> that mysql can delete a file, means it can write one, at least that's
> my understanding of UNIX perms.
>
> It seems that mysqldump:
>
> [a] deletes without checking perms (line 996 of mysqldump.c,
> my_delete)

That is ok as file is created soon thereafgter.

And if deletion fails, error is returned.

> [b] attempts to create a file via mysql_query(), which fails
>

It is server who attempts it.

> Yours
> Neil

It is possible that Solaris is not using current group until mysqld
restarts. This should not be a case, but still.

You can try it by mysqldumping to /tmp and see with what group id is
mysqld writting.

--

Regards,

--
For technical support contracts, go to https://order.mysql.com/?ref=msmi
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Mr. Sinisa Milivojevic
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB
/_/ /_/\_, /___/\___\_\___/ Fulltime Developer and Support Coordinator
<___/ www.mysql.com Larnaca, Cyprus


--
MySQL Bugs Mailing List
For list archives: http://lists.mysql.com/bugs
To unsubscribe: http://lists.mysql.com/bugs?unsub=gcdmb-bugs@m.gmane.org

Re: INTO OUTFILE "filename" creates world writeable files

Hi!

On Jul 08, Neil Walker wrote:
>
> A truss of an attempt to run this in my home directory reveals the
> successful delete and the failed socket.
>
> ------------- Begin Included Message -------------
>
> 5299: unlink("/home/neil/tmp/build.txt") = 0
> 5299: fstat64(3, 0xFFBEE740) = 0
> 5299: getsockopt(3, 65535, 8192, 0xFFBEE840, 0xFFBEE83C, 0) = 0
> 5299: setsockopt(3, 65535, 8192, 0xFFBEE840, 4, 0) = 0
> 5299: fcntl(3, F_SETFL, 0x00000082) = 0
> 5299: read(3, 0x0003A260, 1047551) Err#11 EAGAIN
>
> ------------- End Included Message -------------
>
> So is this a socket issue? Or that the socket is looking for
> unnecessary world-writeable permissions? I'm running this on:

socket permissions has nothing to do with it.
'man 2 read' reveals:

ERRORS
....
EAGAIN Non-blocking I/O has been selected using O_NONBLOCK
and no data was immediately available for reading.

it's not "permission denied" - it's simply client trying to read
server's reply before it was actually sent.

MySQL will retry with timeout then. (my_real_read())

Regards,
Sergei

--
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Sergei Golubchik
/ /|_/ / // /\ \/ /_/ / /__ MySQL AB, Senior Software Developer
/_/ /_/\_, /___/\___\_\___/ Osnabrueck, Germany
<___/ www.mysql.com

--
MySQL Bugs Mailing List
For list archives: http://lists.mysql.com/bugs
To unsubscribe: http://lists.mysql.com/bugs?unsub=gcdmb-bugs@m.gmane.org