maria-discuss team mailing list archive

Thread
Date

Re: Critical Update for CVE-2016-6662

To: Reindl Harald <h.reindl@xxxxxxxxxxxxx>, maria-discuss@xxxxxxxxxxxxxxxxxxx
From: jocelyn fournier <jocelyn.fournier@xxxxxxxxx>
Date: Mon, 12 Sep 2016 23:28:10 +0200
In-reply-to: <267d211c-a92f-0f92-e565-81b3c2d0a11b@thelounge.net>
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.2.0

Hi Reindl,

Le 12/09/2016 à 23:18, Reindl Harald a écrit :



Am 12.09.2016 um 22:53 schrieb Reinis Rozitis:

how should that be possible from a daemon runnign with a restricteduser?
Some distros run mysqld_safe under root which also reads the *.cnf files
(cowered in advisory)


mysqld_safe != mysqld != something a client interacts with
which distribution out there is running *mysqld* as root?

The mysqld flaw (running as mysql) allows changes to the my.cnf to add aLD_PRELOAD which will load the mysql_hookandroot.so as root thanks tomysqld_safe, at the next mysql restart.



  Jocelyn

Follow ups

Re: Critical Update for CVE-2016-6662
From: Reindl Harald, 2016-09-12

References

Critical Update for CVE-2016-6662
From: Alex, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Sergei Golubchik, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Reindl Harald, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Alex, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Reindl Harald, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Reinis Rozitis, 2016-09-12
Re: Critical Update for CVE-2016-6662
From: Reindl Harald, 2016-09-12