Security Issues with LOAD DATA LOCAL


The LOAD DATA statement can load a file that is located on the server host, or it can load a file that is located on the client host when the LOCAL keyword is specified.

There are two potential security issues with supporting the LOCAL version of LOAD DATA statements:

To deal with these problems, we changed how LOAD DATA LOCAL is handled as of MariaDB 3.23.49 and MariaDB 4.0.2 (4.0.13 on Windows):

Retornar