hcq/oceanbase
hcq/oceanbase
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

limit secure_file_priv local access

Browse Source
This commit is contained in:
zhjc1124 2023-07-04 02:48:24 +00:00 committed by ob-robot
parent 471cfeb36d
commit e8866b5f23
2 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/observer/ob_srv_network_frame.cpp
View File

@ -104,7 +104,7 @@ static int update_tcp_keepalive_parameters_for_sql_nio_server(int tcp_keepalive_
int ObSrvNetworkFrame::init()
{
int ret = OB_SUCCESS;
const char* mysql_unix_path = "unix:run/mysql.sock";
const char* mysql_unix_path = "unix:run/sql.sock";
const char* rpc_unix_path = "unix:run/rpc.sock";
const uint32_t rpc_port = static_cast<uint32_t>(GCONF.rpc_port);
ObNetOptions opts;

8
src/sql/engine/cmd/ob_variable_set_executor.cpp
View File

@ -275,12 +275,10 @@ int ObVariableSetExecutor::execute(ObExecContext &ctx, ObVariableSetStmt &stmt)
if (!addr.ip_to_string(buf, sizeof(buf))) {
ret = OB_ERR_UNEXPECTED;
LOG_WARN("format leader ip failed", K(ret), K(addr));
} else if (!(0 == ctx.get_my_session()->get_client_ip().compare(buf)
|| 0 == client_ip.compare("127.0.0.1")
|| 0 == client_ip.compare("::1"))) {
} else if (!(0 == client_ip.compare("unix:"))) {
ret = OB_NOT_SUPPORTED;
LOG_WARN("modify SECURE_FILE_PRIV by remote client", K(ret), K(client_ip));
LOG_USER_ERROR(OB_NOT_SUPPORTED, "modify SECURE_FILE_PRIV by remote client");
LOG_WARN("modify SECURE_FILE_PRIV not by unix socket connection", K(ret), K(client_ip));
LOG_USER_ERROR(OB_NOT_SUPPORTED, "modify SECURE_FILE_PRIV not by unix socket connection");
}
}
}