Re: SECURITY HOLE in MySQL module in PHP
Hello!
On Thu, 7 Feb 2002, Jaan Sarv wrote:
> > "LOAD DATA $local INFILE '$filename' INTO TABLE $tbl FIELDS "
> > . "TERMINATED BY '__THIS_NEVER_HAPPENS__' "
> > . "ESCAPED BY '' "
> > . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
>
> If I understand correctly, you need FILE privileges on the MySQL server for
> this exploit to function properly. So this seems like a misconfiguration
> problem, not a security hole.
No, you are not right.
This is *php* problem because of keyword "LOCAL" in query.
The files accessed locally (by locally installed php4-mysql module)!
Best regards,
Dmitry N. Hramtsov
Reply to: