maria-developers team mailing list archive

[Sergey Vojtovich <svoj@xxxxxxxxxxx>]

Hi Sergei,

On Mon, Dec 21, 2015 at 08:22:51PM +0100, Sergei Golubchik wrote:
> Hi, Sergey!
> 
> On Dec 21, Sergey Vojtovich wrote:
> > On Mon, Dec 21, 2015 at 01:45:27PM +0100, Sergei Golubchik wrote:
> > 
> > > > > besides, what the plan for moving to unix_socket auth?
> > > > Strictly speaking there is no plan. If you're asking for my opinion: I like it.
> > > > I'd avoid such massive changes to not very well tested scripts in GA versions.
> > > > 10.2 seem to be reasonable target version.
> > > > 
> > > > I could probably do that over the next week, or some time in February/March.
> > > 
> > > my point was - if unix_socket comes soon, why bother fixing these
> > > issues? and it not, then "will be solved by unix_socket" is not an
> > > excuse we can use.
> > I'm fine if we agree to port unix socket to 10.2 and leave previous versions
> > unfixed.
> 
> Okay, let's do that.
> 
> Let's just push the chmod fix, it's the only security-relevant issue in
> your MDEV. But now I'm thinking that your fix isn't bullet-proof either,
> it makes the window smaller but doesn't eliminate it.
Push it just to 10.1?
Just chmod and no chown? I don't mind, but it deviates from original behavior.

> 
> A safe version could be something like
> 
>    sh -c 'umask 0077 && touch /secret/file'
You're right, permission is checked on open and not on subsequent IO. I'll fix
it.

Thanks,
Sergey