| Bug #36620 | Legacy leftovers in Falcon startup I/O | ||
|---|---|---|---|
| Submitted: | 9 May 2008 12:14 | Modified: | 8 Jan 11:28 |
| Reporter: | Philip Stoev | ||
| Status: | Closed | ||
| Category: | Server: Falcon | Severity: | S3 (Non-critical) |
| Version: | 6.0.5 | OS: | Any |
| Assigned to: | Lars-Erik Bjørk | Target Version: | 6.0.6 |
| Triage: | D4 (Minor) / R2 (Low) / E2 (Low) | ||
[10 Jul 2008 11:01]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/49404 2742 lars-erik.bjork@sun.com 2008-07-10 bug#36620 - Legacy leftovers in Falcon startup I/O Preventing Falcon from accessing falcon.conf (old netfrastructure config file) and from reading, creating and unlinking netfrastructure specific symlinks.
[10 Jul 2008 16:47]
Kevin Lewis
Patch looks good. OK to push
[22 Aug 2008 21:16]
Kevin Lewis
Fix is in version 6.0.6
[8 Jan 11:28]
MC Brown
A note has been added to the 6.0.6 changelog: FALCON would try to open a number of files during startup that are not required by the MySQL storage engine implmentation. These operations have been removed.
Description: When Falcon is starting up, it makes several file opens and unlinks which appear to be leftovers from its life as a standalone database, and are not in line with the behavoir of the rest of the server. I am listing those because I am concerned that some may open the server to symlink and other attacks: * open("falcon.conf", O_RDONLY) = -1 ENOENT (No such file or directory) The fact that falcon.conf is not documented anywhere, however it may be used to set Falcon options, even some that are not available for setting via mysqld. * readlink("/opt/netfrastructure/db.FALCON_MASTER", 0xbfff5a08, 1023) = -1 ENOENT (No such file or directory) * unlink("/opt/netfrastructure/db.FALCON_MASTER") = -1 ENOENT (No such file or directory * symlink("/build/datadir/falcon_master.fts", "/opt/netfrastructure/db.FALCON_MASTER") = -1 ENOENT (No such file or directory) Behavoir of Falcon if that symlink or directory exists is not defined. How to repeat: $ strace -f -F ./mysqld --datadir=/build/datadir --language=/build/6.0.5/share/english/ 2> strace $ grep falcon strace ================== $ perl mysql-test-run.pl --start-and-exit --skip-ndb --mysqld=--falcon_debug_mask=65535 $ cat var/log/master.err Exception: can't create symbol link /opt/netfrastructure/db.FALCON_MASTER to /build/6.0.5/mysql-test/var/master-data/falcon_master.fts Suggested fix: Avoid accessing files and symlinks if not needed. This would prevent potential security vulnerabilities, confusing log error messages and such.