← Back to team overview

maria-discuss team mailing list archive

Re: Critical Update for CVE-2016-6662


Am 12.09.2016 um 23:28 schrieb jocelyn fournier:
Le 12/09/2016 à 23:18, Reindl Harald a écrit :

Am 12.09.2016 um 22:53 schrieb Reinis Rozitis:
how should that be possible from a daemon runnign with a restricted

Some distros run mysqld_safe under root which also reads the *.cnf files
(cowered in advisory)

mysqld_safe != mysqld != something a client interacts with
which distribution out there is running *mysqld* as root?

The mysqld flaw (running as mysql) allows changes to the my.cnf to add a
LD_PRELOAD which will load the mysql_hookandroot.so as root thanks to
mysqld_safe, at the next mysql restart

on which linux distribution is "my.cnf" writeable by the user the daemon runs under?