Bug#24464380 PRIVILEGE ESCALATION USING MYSQLD_SAFE

Argument to malloc-lib must be included in restricted list of
directories, symlink guards added, and mysqld and mysqld-version
options restricted to command line only. Don't redirect errors to
stderr.

2 files changed, 2 insertions, 2 deletions

diff --git a/packaging/rpm-oel/mysql.init b/packaging/rpm-oel/mysql.init
index 262d0582f68..aaea498d153 100644
--- a/packaging/rpm-oel/mysql.init
+++ b/packaging/rpm-oel/mysql.init
@@ -102,7 +102,7 @@ start(){
 	# alarms, per bug #547485
 	$exec   --datadir="$datadir" --socket="$socketfile" \
 		--pid-file="$mypidfile" \
-		--basedir=/usr --user=mysql >/dev/null 2>&1 &
+		--basedir=/usr --user=mysql >/dev/null &
 	safe_pid=$!
 	# Spin for a maximum of N seconds waiting for the server to come up;
 	# exit the loop immediately if mysqld_safe process disappears.
diff --git a/packaging/rpm-sles/mysql.init b/packaging/rpm-sles/mysql.init
index 50ca4c9033c..dda0bebba56 100644
--- a/packaging/rpm-sles/mysql.init
+++ b/packaging/rpm-sles/mysql.init
@@ -137,7 +137,7 @@ start () {
 	rc_failed 6 ; rc_status -v ; rc_exit
     fi
 
-    $PROG --basedir=/usr --datadir="$datadir" --pid-file="$pidfile" >/dev/null 2>&1 &
+    $PROG --basedir=/usr --datadir="$datadir" --pid-file="$pidfile" >/dev/null &
     if pinger $! ; then
 	echo -n "Starting service MySQL:"
 	touch $lockfile