13 Sep
2016
13 Sep
'16
12:28 a.m.
Hi Reindl, Le 12/09/2016 à 23:18, Reindl Harald a écrit :
Am 12.09.2016 um 22:53 schrieb Reinis Rozitis:
how should that be possible from a daemon runnign with a restricted user?
Some distros run mysqld_safe under root which also reads the *.cnf files (cowered in advisory)
mysqld_safe != mysqld != something a client interacts with which distribution out there is running *mysqld* as root?
The mysqld flaw (running as mysql) allows changes to the my.cnf to add a LD_PRELOAD which will load the mysql_hookandroot.so as root thanks to mysqld_safe, at the next mysql restart. Jocelyn