author | Shishir Jaiswal <shishir.j.jaiswal@oracle.com> | 2017-12-02 15:12:32 +0530 |
---|---|---|
committer | Shishir Jaiswal <shishir.j.jaiswal@oracle.com> | 2017-12-02 15:12:32 +0530 |
commit | ecc5a07874d44307b835ff5dbd091343961fbc93 (patch) | |
tree | 63b0ef914f4aca7289bb5ec48de86ebad1fc7a62 /sql-common | |
parent | 8bc828b982f678d6b57c1853bbe78080c8f84e84 (diff) | |
download | mariadb-git-ecc5a07874d44307b835ff5dbd091343961fbc93.tar.gz |
Bug#26585560 - MYSQL DAEMON SHOULD CREATE ITS PID FILE AS
ROOT
DESCRIPTION
===========
If the .pid file is created at a world-writable location,
it can be compromised by replacing the server's pid with
another running server's (or some other non-mysql process)
PID causing abnormal behaviour.
ANALYSIS
========
In such a case, user should be warned that .pid file is
being created at a world-writable location.
FIX
===
A new function is_file_or_dir_world_writable() is defined
and it is called in create_pid_file() before .pid file
creation. If the location is world-writable, a relevant
warning is thrown.
NOTE
====
1. PID file is always created with permission bit 0664, so
for outside world it's read-only.
2. Ignoring the case when permission is denied to get the
dir stats since the .pid file creation would fail anyway in
such a case.
Diffstat (limited to 'sql-common')
-rw-r--r-- | sql-common/my_path_permissions.cc | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/sql-common/my_path_permissions.cc b/sql-common/my_path_permissions.cc new file mode 100644 index 00000000000..22cd748ff03 --- /dev/null +++ b/sql-common/my_path_permissions.cc @@ -0,0 +1,54 @@ +/* Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. + + This program is free software; you can redistribute it and/or modify it + under the terms of the GNU General Public License as published by the + Free Software Foundation; version 2 of the License. + + This program is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + 02110-1301, USA */ + +#include "my_dir.h" + +#ifdef __cplusplus +extern "C" { +#endif + +/** + Check if a file/dir is world-writable (only on non-Windows platforms) + + @param [in] Path of the file/dir to be checked + + @returns Status of the file/dir check + @retval -2 Permission denied to check attributes of file/dir + @retval -1 Error in reading file/dir + @retval 0 File/dir is not world-writable + @retval 1 File/dir is world-writable + */ + +int is_file_or_dir_world_writable(const char *path) +{ + MY_STAT stat_info; + (void)path; // avoid unused param warning when built on Windows +#ifndef _WIN32 + if (!my_stat(path, &stat_info, MYF(0))) + { + return (errno == EACCES) ? -2 : -1; + } + if ((stat_info.st_mode & S_IWOTH) && + ((stat_info.st_mode & S_IFMT) == S_IFREG || /* file */ + (stat_info.st_mode & S_IFMT) == S_IFDIR)) /* or dir */ + return 1; +#endif + return 0; +} + +#ifdef __cplusplus +} +#endif |
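Review bot: is_file_or_dir_world_writable() tests only `stat_info.st_mode & S_IWOTH` on the single path it is given, so it returns 0 for a pid directory that is itself safe but sits under a world-writable parent, and it reports a sticky-bit directory the same as one without the bit because S_ISVTX is never consulted. Either have the function (or create_pid_file()) check each parent component as well, or state in the doc comment that only the final component is examined and what the caller is expected to pass. The same comment documents "@retval 0 File/dir is not world-writable", but the S_IFREG/S_IFDIR filter means a world-writable FIFO, socket or device node also returns 0; reword the retval or drop the type filter. Smaller points: `@param [in]` is missing the parameter name `path`, and `MY_STAT stat_info;` is declared outside the `#ifndef _WIN32` block, so it is an unused local on Windows even though `(void)path` was added to silence the equivalent warning for the parameter; move the declaration inside the guard.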