Mysql:Changes in MySQL 5.6.34 (2016-10-12, General Availability):secure-file-priv

Changes in MySQL 5.6.34 (2016-10-12, General Availability)

Security Notes

  • Incompatible Change: The secure_file_priv system variable is used to limit the effect of data import and export operations. The following changes have been made to how the server handles this variable:

    • secure_file_priv can be set to NULL to disable all import and export operations.

    • The server checks the value of secure_file_priv at startup and writes a warning to the error log if the value is insecure. A non-NULL value is considered insecure if it is empty, or the value is the data directory or a subdirectory of it, or a directory that is accessible by all users. If secure_file_priv is set to a nonexistent path, the server writes an error message to the error log and exits.

    • Previously, the secure_file_priv system variable was empty by default. Now the default value is platform specific and depends on the value of the INSTALL_LAYOUT CMake option, as shown in the following table.

      INSTALL_LAYOUT Value Default secure_file_priv Value
      STANDALONE, WIN NULL
      DEB, RPM, SLES, SVR4 /var/lib/mysql-files
      Otherwise mysql-files under the CMAKE_INSTALL_PREFIX value
    • To specify the default secure_file_priv value explicitly if you are building from source, use the new INSTALL_SECURE_FILE_PRIVDIR CMake option. To specify a directory for the embedded server, set the new INSTALL_SECURE_FILE_PRIV_EMBEDDEDDIR option. Its default value is NULL.

    (Bug #24679907, Bug #24695274, Bug #24707666)

 

上一篇:ssh(Secure Shell)


下一篇:客户端数据存储----Cookie From 《高程3》