mysql user has home directory writable by mysqld
Bug #293258 reported by Domas Mituzas
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| mysql-dfsg-5.1 (Ubuntu) | Fix Released | Medium | Unassigned | |
Bug Description
Binary package hint: mysql-server-5.0
It is quite a serious no-no to have a valid writeable home directory for MySQL: anyone with the FILE privilege can create files in ~mysql, thus allowing .rhosts-like (.profile, .forward, .plan ;-) attacks on a system.
Fortunately, MySQL does not allow creating databases (directories) with a dot, so immediate access to the ssh directory is not possible, though a clever attacker can find ways... (and even without any shell one can do port forwarding).
There is no need whatsoever for the MySQL user to have a 'home directory'; the 'data directory' should be separate from any Unix user context.
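As an added defensive check, not code from the bug report or from the package: a POSIX sh function that flags a mysql account whose home directory exists and is writable by that account's uid or gid (or by everyone), which is the condition described above. It assumes GNU stat and takes the passwd file and account name as parameters so it can also be tried against a constructed sample; the account name `mysql` and the default of `/etc/passwd` are assumptions.

```shell
#!/bin/sh
# Added audit check (not part of the bug report): detect a mysql account whose
# home directory exists and is writable by that account. Only classic mode
# bits are examined; ACLs, supplementary groups and root's override are not
# modelled. Usage: audit_mysql_home [passwd-file] [account]
# Returns 0 = home absent or not writable, 1 = writable, 2 = no such account.
audit_mysql_home() {
    passwd_file="${1:-/etc/passwd}"   # assumed default location
    account="${2:-mysql}"             # assumed account name
    entry=$(grep "^${account}:" "$passwd_file") || {
        echo "no ${account} entry in ${passwd_file}"; return 2; }
    uid=$(printf '%s\n' "$entry" | cut -d: -f3)
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    if [ ! -d "$home" ]; then
        echo "ok: ${account} home ${home} does not exist"
        return 0
    fi
    # owner uid, group gid and octal mode of the home directory (GNU stat)
    set -- $(stat -c '%u %g %a' "$home")
    owner=$1; group=$2; mode=$3
    # mode arrives as decimal digits such as 755 or 1777; isolate each triad
    # (a leading sticky/setgid digit is dropped by the % 10)
    uperm=$(( mode / 100 % 10 )); gperm=$(( mode / 10 % 10 )); operm=$(( mode % 10 ))
    reason=""
    if [ "$owner" -eq "$uid" ] && [ $(( uperm & 2 )) -ne 0 ]; then
        reason="owner-writable"
    elif [ "$group" -eq "$gid" ] && [ $(( gperm & 2 )) -ne 0 ]; then
        reason="group-writable"
    elif [ $(( operm & 2 )) -ne 0 ]; then
        reason="world-writable"
    fi
    if [ -n "$reason" ]; then
        echo "WARNING: ${account} (uid ${uid}) can write to its home ${home} (${reason}, mode ${mode})"
        return 1
    fi
    echo "ok: ${account} home ${home} is not writable by uid ${uid} (mode ${mode})"
    return 0
}
```

Run `audit_mysql_home` with no arguments to check the live /etc/passwd; a non-zero exit with a WARNING line means the account can drop files such as .profile or .forward into its own home.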
Changed in mysql-dfsg-5.0: status: New → Confirmed
Changed in mysql-dfsg-5.0 (Ubuntu): status: Incomplete → Confirmed
Changed in mysql-dfsg-5.0: importance: Undecided → Medium
affects: mysql-dfsg-5.0 (Ubuntu) → mysql-dfsg-5.1 (Ubuntu)
Resetting back to New; maybe I failed something.