Results 1 to 1 of 1
does mysqld option '--secure-file-priv=' is implemented at all? it says so in manual, but when i set it to like /something, users are able to load_file from anywhere in the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 05-09-2008 #1
- Join Date
- Jan 2006
mysql and php problem
i use mysql 5.0.51a-3 on linux (debian)
i just added it to /etc/init.d/mysql in mysql_safe line, like --secure-file-priv=/some/notexisting/dir, and i restarted mysql.
in memory i see (ps auxw|grep mysql) that it is used, but i'm still able load any file with apache permissions. (bypassing php safe mode), so i REALLY need to turn off this function. but no idea how...
or maybe do you know any tool that automatically blocks suspicious php scripts, like php shells.