标签：10 12 secure INSTALL value server file priv

Changes in MySQL 5.6.34 (2016-10-12, General Availability)

Security Notes

• Incompatible Change: The secure_file_priv system variable is used to limit the effect of data import and export operations. The following changes have been made to how the server handles this variable:

  • secure_file_priv can be set to NULL to disable all import and export operations.

  • The server checks the value of secure_file_priv at startup and writes a warning to the error log if the value is insecure. A non-NULL value is considered insecure if it is empty, or the value is the data directory or a subdirectory of it, or a directory that is accessible by all users. If secure_file_priv is set to a nonexistent path, the server writes an error message to the error log and exits.

  • Previously, the secure_file_priv system variable was empty by default. Now the default value is platform specific and depends on the value of the INSTALL_LAYOUT CMake option, as shown in the following table.

    INSTALL_LAYOUT Value	Default secure_file_priv Value
    STANDALONE, WIN	NULL
    DEB, RPM, SLES, SVR4	/var/lib/mysql-files
    Otherwise	mysql-files under the CMAKE_INSTALL_PREFIX value

  • To specify the default secure_file_priv value explicitly if you are building from source, use the new INSTALL_SECURE_FILE_PRIVDIR CMake option. To specify a directory for the embedded server, set the new INSTALL_SECURE_FILE_PRIV_EMBEDDEDDIR option. Its default value is NULL.

  (Bug #24679907, Bug #24695274, Bug #24707666)

标签：10,12,secure,INSTALL,value,server,file,priv
来源： https://www.cnblogs.com/jinzhenshui/p/12590947.html

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。