diff options
author | Alexey Botchkov <holyfoot@askmonty.org> | 2018-07-14 23:06:49 +0400 |
---|---|---|
committer | Alexey Botchkov <holyfoot@askmonty.org> | 2018-07-14 23:06:49 +0400 |
commit | 25410d448d5cd5796852da106324309d169981c9 (patch) | |
tree | bbdbbd336b176bf86dcaa4c401c737387abab807 /plugin | |
parent | 7fda6161bc9daafbe26fb3ce687b6411537d49f3 (diff) | |
download | mariadb-git-25410d448d5cd5796852da106324309d169981c9.tar.gz |
MDEV-15473 Isolate/sandbox PAM modules, so that they can't crash the server.
mysql_install_db.sh script fixed.
Diffstat (limited to 'plugin')
-rw-r--r-- | plugin/auth_pam/CMakeLists.txt | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/plugin/auth_pam/CMakeLists.txt b/plugin/auth_pam/CMakeLists.txt index 4943d576a0d..fbf0979cd1e 100644 --- a/plugin/auth_pam/CMakeLists.txt +++ b/plugin/auth_pam/CMakeLists.txt @@ -11,7 +11,12 @@ IF(HAVE_PAM_APPL_H) ADD_DEFINITIONS(-D_GNU_SOURCE) MYSQL_ADD_PLUGIN(auth_pam_v1 auth_pam_v1.c LINK_LIBRARIES pam MODULE_ONLY) MYSQL_ADD_PLUGIN(auth_pam auth_pam.c LINK_LIBRARIES pam dl MODULE_ONLY) - MYSQL_ADD_EXECUTABLE(auth_pam_tool auth_pam_tool.c DESTINATION ${INSTALL_PLUGINDIR}/auth_pam_tool_dir COMPONENT Server) + MYSQL_ADD_EXECUTABLE(auth_pam_tool auth_pam_tool.c DESTINATION ${INSTALL_PLUGINDIR}/auth_pam_tool_dir COMPONENT Server) TARGET_LINK_LIBRARIES(auth_pam_tool pam) + INSTALL(CODE "EXECUTE_PROCESS( + COMMAND chmod u=rwx,g=,o= auth_pam_tool_dir + COMMAND chmod u=rwxs,g=rx,o=rx auth_pam_tool_dir/auth_pam_tool + WORKING_DIRECTORY \$ENV{DESTDIR}\${CMAKE_INSTALL_PREFIX}/${INSTALL_PLUGINDIR}/)" + COMPONENT Server) ENDIF(HAVE_PAM_APPL_H) |