hcq/oceanbase
1
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

limit secure_file_priv local access

Browse Source
This commit is contained in:
zhjc1124
2023-07-04 02:48:24 +00:00
committed by ob-robot
parent 471cfeb36d
commit e8866b5f23
2 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/observer/ob_srv_network_frame.cpp
View File

@ -104,7 +104,7 @@ static int update_tcp_keepalive_parameters_for_sql_nio_server(int tcp_keepalive_
int ObSrvNetworkFrame::init() int ObSrvNetworkFrame::init()
{ {
int ret = OB_SUCCESS; int ret = OB_SUCCESS;
const char* mysql_unix_path = "unix:run/mysql.sock"; const char* mysql_unix_path = "unix:run/sql.sock";
const char* rpc_unix_path = "unix:run/rpc.sock"; const char* rpc_unix_path = "unix:run/rpc.sock";
const uint32_t rpc_port = static_cast<uint32_t>(GCONF.rpc_port); const uint32_t rpc_port = static_cast<uint32_t>(GCONF.rpc_port);
ObNetOptions opts; ObNetOptions opts;

8
src/sql/engine/cmd/ob_variable_set_executor.cpp
View File

@ -275,12 +275,10 @@ int ObVariableSetExecutor::execute(ObExecContext &ctx, ObVariableSetStmt &stmt)
if (!addr.ip_to_string(buf, sizeof(buf))) { if (!addr.ip_to_string(buf, sizeof(buf))) {
ret = OB_ERR_UNEXPECTED; ret = OB_ERR_UNEXPECTED;
LOG_WARN("format leader ip failed", K(ret), K(addr)); LOG_WARN("format leader ip failed", K(ret), K(addr));
} else if (!(0 == ctx.get_my_session()->get_client_ip().compare(buf) } else if (!(0 == client_ip.compare("unix:"))) {
|| 0 == client_ip.compare("127.0.0.1")
|| 0 == client_ip.compare("::1"))) {
ret = OB_NOT_SUPPORTED; ret = OB_NOT_SUPPORTED;
LOG_WARN("modify SECURE_FILE_PRIV by remote client", K(ret), K(client_ip)); LOG_WARN("modify SECURE_FILE_PRIV not by unix socket connection", K(ret), K(client_ip));
LOG_USER_ERROR(OB_NOT_SUPPORTED, "modify SECURE_FILE_PRIV by remote client"); LOG_USER_ERROR(OB_NOT_SUPPORTED, "modify SECURE_FILE_PRIV not by unix socket connection");
} }
} }
} }