WL#8392: Disable symbolic links as compiled default + deprecate variable
Affects: Server-8.0 — Status: Complete — Priority: Medium
Symbolic links is defacto disabled on most MySQL distributions, because sample configuration files contain: symbolic-links=0 Since symbolic links allow MySQL to write data to any effective location on the operating system, it creates two issues: 1) MySQL may be tricked into writing to locations it is not supposed to 2) MySQL may write to a location that has privileges that are too loose, and may be tampered with by other users on the operating system. (MySQL mitigates risk #1 by not overwriting existing files, but the risk still remains as an attack vector.) We therefore decided: 1) Change the compiled default to OFF (aligning with the defacto default) 2) Deprecate and remove this functionality in a future release. Deprecation of --symbolic-links includes deprecating have_symlink. User Documentation ================== * https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-2.html * https://dev.mysql.com/doc/refman/8.0/en/symbolic-links-to-tables.html * https://dev.mysql.com/doc/refman/8.0/en/server-options.html#option_mysqld_symbolic-links * https://dev.mysql.com/doc/refman/8.0/en/server-system-variables.html#sysvar_have_symlink
Copyright (c) 2000, 2018, Oracle Corporation and/or its affiliates. All rights reserved.