mysql and php problem
does mysqld option '--secure-file-priv=' is implemented at all? it says so in manual, but when i set it to like /something, users are able to load_file from anywhere in the system anyways
i use mysql 5.0.51a-3 on linux (debian)
i just added it to /etc/init.d/mysql in mysql_safe line, like --secure-file-priv=/some/notexisting/dir, and i restarted mysql.
in memory i see (ps auxw|grep mysql) that it is used, but i'm still able load any file with apache permissions. (bypassing php safe mode), so i REALLY need to turn off this function. but no idea how...
or maybe do you know any tool that automatically blocks suspicious php scripts, like php shells.