summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTerje Rosten <terje.rosten@oracle.com>2018-06-20 12:38:32 +0200
committerTerje Rosten <terje.rosten@oracle.com>2018-06-20 12:50:10 +0200
commite1fdeb2468f3ee16e34e0c3af856edde128836e5 (patch)
treef5c13233364b08d7eb709c78698990618c64d709
parentcad692f919493e2176d52984415561496e13833d (diff)
downloadmariadb-git-e1fdeb2468f3ee16e34e0c3af856edde128836e5.tar.gz
Bug#27919254 MYSQL USER ESCALATES ITS PRIVILEGE BY PLACING ARBITRARY PIDS INTO ITS PID FILES
Shutdown server as mysql user to avoid accidentally sending signal to wrong process.
Diffstat
-rw-r--r--packaging/rpm-oel/mysql.init2
-rw-r--r--packaging/rpm-sles/mysql.init4
2 files changed, 3 insertions, 3 deletions
diff --git a/packaging/rpm-oel/mysql.init b/packaging/rpm-oel/mysql.init
index e46edd14187..4200e99dd95 100644
--- a/packaging/rpm-oel/mysql.init
+++ b/packaging/rpm-oel/mysql.init
@@ -159,7 +159,7 @@ stop(){
fi
MYSQLPID=`cat "$mypidfile"`
if [ -n "$MYSQLPID" ]; then
- /bin/kill "$MYSQLPID" >/dev/null 2>&1
+ /bin/su - mysql -s /bin/bash -c "/bin/kill $MYSQLPID" >/dev/null 2>&1
ret=$?
if [ $ret -eq 0 ]; then
TIMEOUT="$STOPTIMEOUT"
diff --git a/packaging/rpm-sles/mysql.init b/packaging/rpm-sles/mysql.init
index 4c72d976526..c89d56f5c1a 100644
--- a/packaging/rpm-sles/mysql.init
+++ b/packaging/rpm-sles/mysql.init
@@ -163,7 +163,7 @@ stop () {
# We use a signal to avoid having to know the root password
# Send single kill command and then wait
- if kill $pid >/dev/null 2>&1; then
+ if su - mysql -s /bin/bash -c "kill $pid" >/dev/null 2>&1; then
timer=$STOPTIMEOUT
while [ $timer -gt 0 ]; do
kill -0 $pid >/dev/null 2>&1 || break
@@ -196,7 +196,7 @@ reload () {
ret=0
if chk_running && mysqladmin --no-defaults --socket="$socket" ping >/dev/null 2>&1 ; then
pid=$(cat "$pidfile")
- kill -HUP $pid >/dev/null 2>&1
+ su - mysql -s /bin/bash -c "kill -HUP $pid" >/dev/null 2>&1
echo -n "Reloading service MySQL:"
rc_reset
else
View Lorry Controller Status