← Back to team overview

maria-discuss team mailing list archive

Re: Critical Update for CVE-2016-6662


a service itself *must not* have the permissions to write it's config files

The safeguard script also reads configuration files from MySQLs data directory which is writable by the service. Though the author also cowers cases of bad configuration and possible victims.

"Root-Code-Execution" is clickbait

Since when a CVE is a clickbait ..


Follow ups