Le 12/09/2016 à 23:18, Reindl Harald a écrit :
Am 12.09.2016 um 22:53 schrieb Reinis Rozitis:
how should that be possible from a daemon runnign with a restricted
user?
Some distros run mysqld_safe under root which also reads the *.cnf files
(cowered in advisory)
mysqld_safe != mysqld != something a client interacts with
which distribution out there is running *mysqld* as root?
The mysqld flaw (running as mysql) allows changes to the my.cnf to add a
LD_PRELOAD which will load the mysql_hookandroot.so as root thanks to
mysqld_safe, at the next mysql restart
