[Phpmyadmin-devel] Re: MAJOR security hole
Marc Delisle
Delislma at CollegeSherbrooke.qc.ca
Wed Aug 14 07:54:06 CEST 2002
Robin Johnson wrote:
>
> On checking out the other problem with systems totally open using the
> config mechanism, try out this series of SQL Commands:
>
> First time around:
> CREATE TABLE testB ( t mediumtext );
> LOAD DATA INFILE '/home/robbat2/public_html/PMA/config.inc.php' INTO TABLE
> testB FIELDS TERMINATED BY '\n' LINES TERMINATED BY '\n';
This fails if the config file is chmod 660, as suggested by faq [4.2].
--
Marc Delisle
More information about the Developers
mailing list