Bug #96450 | mysql shell importTable requires local_infile set | ||
---|---|---|---|
Submitted: | 7 Aug 2019 13:44 | Modified: | 26 Aug 2020 23:23 |
Reporter: | Morgan Tocker | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Document Store: MySQL Shell | Severity: | S2 (Serious) |
Version: | 8.0.17 | OS: | Any |
Assigned to: | CPU Architecture: | Any |
[7 Aug 2019 13:44]
Morgan Tocker
[8 Aug 2019 8:17]
MySQL Verification Team
Hello Morgan, Thank you for the report and feedback. regards, Umesh
[8 Aug 2019 8:19]
MySQL Verification Team
- MySQL CLI session bin/mysql -uroot -S /tmp/mysql_ushastry.sock Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 7 Server version: 8.0.17 MySQL Community Server - GPL Copyright (c) 2000, 2019, Oracle and/or its affiliates. All rights reserved. Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. mysql> show variables like 'local%'; +---------------+-------+ | Variable_name | Value | +---------------+-------+ | local_infile | OFF | +---------------+-------+ 1 row in set (0.08 sec) mysql> create database test; Query OK, 1 row affected (0.00 sec) mysql> use test Database changed mysql> create table foo(id int, name varchar(41)); Query OK, 0 rows affected (0.01 sec) - MySQL Shell session bin/mysqlsh mysql://root@localhost:3333 --ssl-mode=DISABLED -- util import-table foo.csv --schema=test --table=foo Please provide the password for 'root@localhost:3333': ERROR: The 'local_infile' global system variable must be set to ON in the target server, after the server is verified to be trusted. ERROR: Util.importTable: Invalid preconditions - MySQL CLI session mysql> set local_infile=ON; ERROR 1229 (HY000): Variable 'local_infile' is a GLOBAL variable and should be set with SET GLOBAL
[26 Aug 2020 23:23]
Kenny Gryp
As it is right now both importTable and loadDump load data using LOAD DATA statements which require the local_infile to be enabled. The security issues related to local_infile are resolved in the latest client, but this indeed does not prevent older or modified clients to still pose a problem. I am going to close the issue as not a bug. The only way for shell to not require local_infile=1 is to either change the protocol or not use LOAD DATA anymore. We'll address that in a separate enhancement.