Hi, Sergey!

On Dec 21, Sergey Vojtovich wrote:
> On Mon, Dec 21, 2015 at 01:45:27PM +0100, Sergei Golubchik wrote:
> 
> > > > besides, what's the plan for moving to unix_socket auth?
> > > Strictly speaking there is no plan. If you're asking for my opinion: I 
> > > like it.
> > > I'd avoid such massive changes to not very well tested scripts in GA 
> > > versions.
> > > 10.2 seems to be a reasonable target version.
> > > 
> > > I could probably do that over the next week, or some time in 
> > > February/March.
> > 
> > my point was - if unix_socket comes soon, why bother fixing these
> > issues? and if not, then "will be solved by unix_socket" is not an
> > excuse we can use.
> I'm fine if we agree to port unix socket to 10.2 and leave previous versions
> unfixed.

Okay, let's do that.

Let's just push the chmod fix, it's the only security-relevant issue in
your MDEV. But now I'm thinking that your fix isn't bullet-proof either,
it makes the window smaller but doesn't eliminate it.

A safe version could be something like

   sh -c 'umask 0077 && touch /secret/file'

Regards,
Sergei
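
The difference between the touch-then-chmod pattern and the umask approach suggested above, as an added example that is not part of the original message or of the MariaDB scripts. The function names are hypothetical, and the noclobber step goes slightly beyond the one-liner: umask only affects newly created files, so the sketch refuses to reuse a path that already exists.

```shell
#!/bin/sh
# Added illustration; function names and paths are assumptions,
# not taken from the MariaDB scripts.

# Racy pattern: between touch and chmod the file exists with
# permissions derived from the caller's umask (often 0644).
create_racy() {
    touch "$1" && chmod 600 "$1"
}

# Safe pattern: the restrictive umask is in force when the file is
# created, so it never exists with wider permissions. The subshell
# keeps the caller's own umask and shell options unchanged.
create_private() {
    (
        umask 0077 || exit 1
        set -C          # noclobber: fail if the path already exists,
                        # since umask cannot tighten an existing file
        : > "$1"
    )
}

# Print the permission string of a file, e.g. -rw-------
mode_of() {
    ls -ld "$1" | cut -c1-10
}
```
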
