#26 Security Flaw Found


Note it should be a huge security improvement to only allow "create,insert,update,select" privileges only to those who are security conscious. The mysql grant FILE and All Privileges allow way too much power to the sguil daemon. If any agents or sguil daemon were compromised, then the would-be hacker would have full access to the all databases on the system and possibly control over all the agents and sguil daemon. A jail could be created, but isn't better to use SQL's built-in grant tables ?
if I understand it correctly, the grant FILE permission is used for speed of data entry. I think it would benefit users to have an option to use only the four privileges above instead of SQL routine 'load_data_infile.'

A separate cron job could be run for maintenance that should fulfill any delete, indexing or other processing requirements.


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks