On Tue, Dec 24, 2002 at 03:35:22PM +0100, Christian Hammers wrote: > Hi > > I'm currently preparing the 4.x version of mysql (see /experimental/) > and thinking about chrooting the daemon in /var/lib/mysql. > > This would be more secure although it would be a bit of work for me and > limit the LOAD DATA INFILE and SELECT INTO OUTFILE commands to this > directories. > > Now I'm wondering how many people are using the above commands and if > they would accept chaning their programs to use new directories, given > that they install a new major release of mysql anyway (it will not be > done in the 3.23 version)
I imagine you'll get a lot of complaints about this if you make it the default (and maybe even only) option. Perhaps it would be better to either ask a debconf question, or use the method Martin F. Krafft used for bind9: create a separate bind9-chroot package that converts an existing bind9 install to a chroot one? -rob
msg20948/pgp00000.pgp
Description: PGP signature
