(mysql.info) load-data-local
Info Catalog
(mysql.info) privileges-options
(mysql.info) security
(mysql.info) changing-mysql-user
5.7.4 Security Issues with `LOAD DATA LOCAL'
--------------------------------------------
The `LOAD DATA' statement can load a file that is located on the server
host, or it can load a file that is located on the client host when the
`LOCAL' keyword is specified.
There are two potential security issues with supporting the `LOCAL'
version of `LOAD DATA' statements:
* The transfer of the file from the client host to the server host
is initiated by the MySQL server. In theory, a patched server
could be built that would tell the client program to transfer a
file of the server's choosing rather than the file named by the
client in the `LOAD DATA' statement. Such a server could access
any file on the client host to which the client user has read
access.
* In a Web environment where the clients are connecting from a Web
server, a user could use `LOAD DATA LOCAL' to read any files that
the Web server process has read access to (assuming that a user
could run any command against the SQL server). In this environment,
the client with respect to the MySQL server actually is the Web
server, not the remote program being run by the user who connects
to the Web server.
To deal with these problems, we changed how `LOAD DATA LOCAL' is
handled as of MySQL 3.23.49 and MySQL 4.0.2 (4.0.13 on Windows):
* By default, all MySQL clients and libraries in binary
distributions are compiled with the --enable-local-infile option,
to be compatible with MySQL 3.23.48 and before.
* If you build MySQL from source but do not invoke `configure' with
the --enable-local-infile option, `LOAD DATA LOCAL' cannot be used
by any client unless it is written explicitly to invoke
`mysql_options(... MYSQL_OPT_LOCAL_INFILE, 0)'. See the node
mysql-options.
* You can disable all `LOAD DATA LOCAL' commands from the server
side by starting `mysqld' with the --local-infile=0 option.
* For the `mysql' command-line client, `LOAD DATA LOCAL' can be
enabled by specifying the --local-infile[=1] option, or disabled
with the --local-infile=0 option. Similarly, for `mysqlimport', the
--local or -L option enables local data file loading. In any case,
successful use of a local loading operation requires that the
server is enabled to allow it.
* If you use `LOAD DATA LOCAL' in Perl scripts or other programs
that read the `[client]' group from option files, you can add the
`local-infile=1' option to that group. However, to keep this from
causing problems for programs that do not understand
`local-infile', specify it using the `loose-' prefix:
[client]
loose-local-infile=1
* If `LOAD DATA LOCAL INFILE' is disabled, either in the server or
the client, a client that attempts to issue such a statement
receives the following error message:
ERROR 1148: The used command is not allowed with this MySQL version
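As an added example (not part of the MySQL manual), the following Python script audits a my.cnf-style option file for the settings this section describes: it parses `[group]' sections, honours the `loose-' prefix, and reports whether the `[client]' and `[mysqld]' groups enable `LOAD DATA LOCAL'. The sample option file, the function names, and the handling of MySQL's general `skip-', `disable-' and `enable-' option prefixes (which the page does not describe) are assumptions.

```python
import re

# Constructed sample option file (not from the manual); it exercises the
# `loose-' prefix from the page and a server-side local-infile=0 line.
SAMPLE_CNF = """\
[client]
loose-local-infile=1      # client side: allow LOAD DATA LOCAL

[mysqld]
datadir=/var/lib/mysql
local-infile=0            # server side: refuse every LOAD DATA LOCAL
"""

# MySQL option prefixes. The page only describes `loose-'; treating
# skip-/disable- as negation and enable- as a no-op is an assumption.
NEGATING = ("skip-", "disable-")
PREFIXES = ("loose-", "enable-") + NEGATING
TRUE_VALUES = ("", "1", "on", "true", "yes")   # bare `local-infile' means =1


def parse_option_file(text):
    """Parse [group] / name / name=value lines into {group: [(name, value)]},
    keeping file order so later lines can override earlier ones."""
    groups, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()     # drop comments and blanks
        if not line:
            continue
        m = re.match(r"^\[([^\]]+)\]$", line)
        if m:
            current = m.group(1).strip().lower()
            groups.setdefault(current, [])
        elif current is not None:
            name, _, value = line.partition("=")
            groups[current].append((name.strip(), value.strip()))
    return groups


def local_infile_enabled(options):
    """Resolve local-infile for one group: True, False, or None if unset."""
    result = None
    for name, value in options:
        name, negate = name.lower().replace("_", "-"), False
        while name.startswith(PREFIXES):      # strip stacked prefixes
            prefix = next(p for p in PREFIXES if name.startswith(p))
            negate, name = negate or prefix in NEGATING, name[len(prefix):]
        if name == "local-infile":
            enabled = value.lower() in TRUE_VALUES
            result = (not enabled) if negate else enabled
    return result


def audit(text):
    """Report the two groups that matter here: client exposure to a
    malicious server, and server-side acceptance of LOAD DATA LOCAL."""
    groups = parse_option_file(text)
    return {g: local_infile_enabled(groups.get(g, [])) for g in ("client", "mysqld")}
```

A `client` result of True is the exposure from the first bullet above (the server chooses which client file is read); a `mysqld` result of True is the Web-server exposure from the second.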