This is a read-only copy of the MariaDB Knowledgebase generated on 2024-11-15. For the latest, interactive version please visit https://mariadb.com/kb/.

Created: 3 years, 8 months ago
Modified: 3 years, 7 months ago
Type: question
Status: active
License: CC BY-SA / Gnu FDL

Attachments

No attachments exist

mysql_setpermission depracated

mysql_setpermission is a Perl script that automates setting of permissions on MariaDB TABLES The script is bundled into releases of MySQL and MariaDB

mysql_setpermission has (by default) Unix permissions rwxr-xr-x root root So can be ran by anyone with an account on the Linux box that MariaDB is installed

Is that normal? - to give any user the authority to run mysql_setpermission with root permissions?

In other words, an insider threat actor with little knowledge of the DATBASE TABLES could manipulate access to achieve a DoS

What mitigation - maybe changing privileges (to 744) or alternative action could be taken; and not invoke mysql_setpermission?

Answer Answered by Sergei Golubchik in this comment.

There is no magic in mysql_setpermission, it is a normal MariaDB client tool, it needs proper credentials to connect to the database. Anyone can run it, but this anyone would need to specify a username and a password of a sufficiently privileged dabatase account.

↑ The Community ↑

Content reproduced on this site is the property of its respective owners, and this content is not reviewed in advance by MariaDB. The views, information and opinions expressed by this content do not necessarily represent those of MariaDB or any other party.

mysql_setpermission depracated

Answer Answered by Sergei Golubchik in this comment.

Products

Services

Pricing

Resources

About Us

Download MariaDB