Paul, >> Personally, I regard this security >> "improvement" rather a bug than a feature.
> The implementation certainly is problematic, but the underlying > issues that it tries to address is definitely real and not to be ignored. > People who say otherwise generally don't understand what those issues > are. Alright, now you got me :/ What I mean is there should be a way to turn LOCAL on again. It's certainly nice if you can turn it off for enhanced security, but why can't you turn it on again without compiling the server from source? The manual section says that there is a --local-infile[=1] option for the mysql CLI to turn it on, but it only mentions --local-infile=0 for the server to turn it off. To me, this looks like --local-infile=1 was intended to turn LOCAL on again, though the manual doesn't mention it. Regards, -- Stefan Hinz <[EMAIL PROTECTED]> Geschäftsführer / CEO iConnect GmbH <http://iConnect.de> Heesestr. 6, 12169 Berlin (Germany) Tel: +49 30 7970948-0 Fax: +49 30 7970948-3 ----- Original Message ----- From: "Paul DuBois" <[EMAIL PROTECTED]> To: "Stefan Hinz, iConnect (Berlin)" <[EMAIL PROTECTED]>; "Charles Mabbott" <[EMAIL PROTECTED]>; "'Prathmesh J. Mahidharia'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, January 09, 2003 4:37 AM Subject: Re: Load local data infile problem At 18:39 +0100 1/8/03, Stefan Hinz, iConnect (Berlin) wrote: >Charles, > >>> I posted the same problem a couple of days ago. LOCAL will not work >>> because of a security "improvement" the MySQL folks applied. > >> LOAD DATA INFILE "C:\\mysql\\fred.txt" INTO TABLE data_table; >> Hope this helps, but only a workaround... > >Without LOCAL, quite alot of things will not work. Imagine an ISP giving >every customer write privileges for the mysql/bin directory ... ;-/ > >Unfortunately, Monty did'nt mention if this is fixed in 4.0.8 or going >to be fixed in 4.0.9 or 4.1. Personally, I regard this security >"improvement" rather a bug than a feature. The implementation certainly is problematic, but the underlying issues that it tries to address is definitely real and not to be ignored. People who say otherwise generally don't understand what those issues are. > >Regards, >-- > Stefan Hinz <[EMAIL PROTECTED]> > Geschäftsführer / CEO iConnect GmbH <http://iConnect.de> > Heesestr. 6, 12169 Berlin (Germany) > Tel: +49 30 7970948-0 Fax: +49 30 7970948-3 --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
