Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Minor
-
Resolution: Fixed
-
Affects Version/s: 5.5.25
-
Fix Version/s: 5.5.27
-
Component/s: None
-
Labels:None
-
Environment:linux
Description
There has been a patch in MySQL 5.0.44 (see mysql bugs #21723 / #21361) that would enable core dumps on Linux even when setuid() was used on mysqld by setting "prctl(PR_SET_DUMPABLE, 1);"
This is actually dead code though as it was placed behind the final error handling block in the check_user() function in sql/mysqld.cc, right after an unconditional unireg_abort() call. So this can never actually have worked.
Proposed fix: call prctl() directly after changing the user id in set_user()/set_effective_user() instead. (this is actually the place where Deans patch from bug #21723 suggested to add the pcrtl() call, no idea why it was added in a completely different place instead ...)
Gliffy Diagrams
Attachments
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
