Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 494538 Details for
Bug 630822
dev-db/{mysql-cluster,mariadb,mysql,percona-server,mariadb-galera}: root privilege escalation via "chown"
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
bug-630822.patch
bug-630822.patch (text/x-diff), 1.46 KB, created by
Brian Evans (RETIRED)
on 2017-09-14 17:35:47 UTC
(
hide
)
Description:
bug-630822.patch
Filename:
MIME Type:
Creator:
Brian Evans (RETIRED)
Created:
2017-09-14 17:35:47 UTC
Size:
1.46 KB
patch
obsolete
>diff --git a/dev-db/mariadb/mariadb-10.2.8.ebuild b/dev-db/mariadb/mariadb-10.2.8.ebuild >index 505e94e4664..485607f32a8 100644 >--- a/dev-db/mariadb/mariadb-10.2.8.ebuild >+++ b/dev-db/mariadb/mariadb-10.2.8.ebuild >@@ -189,15 +189,9 @@ pkg_postinst() { > # Make sure the vars are correctly initialized > mysql_init_vars > >- # Check FEATURES="collision-protect" before removing this >+ # Create log directory securely if it does not exist > [[ -d "${ROOT}${MY_LOGDIR}" ]] || install -d -m0750 -o mysql -g mysql "${ROOT}${MY_LOGDIR}" > >- # Secure the logfiles >- touch "${ROOT}${MY_LOGDIR}"/mysql.{log,err} >- chown mysql:mysql "${ROOT}${MY_LOGDIR}"/mysql* >- chmod 0660 "${ROOT}${MY_LOGDIR}"/mysql* >- >- # Minimal builds don't have the MySQL server > if use server ; then > if use pam; then > einfo >@@ -917,7 +911,7 @@ pkg_config() { > unset pwd1 pwd2 > fi > >- local options >+ local options opt > local sqltmp="$(emktemp)" > > # Fix bug 446200. Don't reference host my.cnf, needs to come first, >@@ -966,7 +960,12 @@ pkg_config() { > popd &>/dev/null > [[ -f "${ROOT}/${MY_DATADIR}/mysql/user.frm" ]] \ > || die "MySQL databases not installed" >- chown -R mysql:mysql "${ROOT}/${MY_DATADIR}" 2>/dev/null >+ local directories=( "${ROOT}/${MY_DATADIR}"/{mysql,test} ) >+ for opt in ${directories[@]} ; do >+ if [[ -d "${opt}" ]] ; then >+ chgrp mysql "${opt}" 2>/dev/null || die >+ fi >+ done > chmod 0750 "${ROOT}/${MY_DATADIR}" 2>/dev/null > > local socket="${EROOT}/var/run/mysqld/mysqld${RANDOM}.sock"
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 630822
: 494538