• Kristofer Pettersson's avatar
    Bug58747 57359 patch: breaks secure_file_priv+not secure yet+still accesses other folders · 7c8541f9
    Kristofer Pettersson authored
    "load data infile .."  allowed for access to 
    unautohorized tables.
    Due to a faulty if-statement it was possible to
    circumvent the secure_file_priv restriction.
    
    
    mysql-test/mysql-test-run.pl:
      * Add SECURE_LOAD_PATH environment variable to mtr test cases.
    mysql-test/suite/sys_vars/r/secure_file_priv2.result:
      * add test for bug58747
    mysql-test/suite/sys_vars/t/secure_file_priv2-master.opt:
      * add test for bug58747
    mysql-test/suite/sys_vars/t/secure_file_priv2.test:
      * add test for bug58747
    sql/sql_load.cc:
      * Correct faulty if-statement
      * fix indentation
      * move my_stat() block to after is_secure_file_path() check.
    7c8541f9
secure_file_priv2-master.opt 37 Bytes