MySQL Forums
Forum List  »  Security

Re: ERROR 2068 (HY000) in import csv
Posted by: Georgi Kodinov
Date: October 29, 2020 01:46AM

Yes, indeed. The issue is that a man in the middle can basically read every file on your client computer that the mysql client has access to by manipulating the packet contents. See https://dev.mysql.com/doc/refman/8.0/en/load-data-local-security.html for more details.

This is why it's disabled by default. But you can enable it back, if you are sure you're safe from MITM. Note that you'll have to enable it on both the client and the server. See the above page for details.

And lastly: there's been some modest usability improvement to this story in 8.0.21: As of MySQL 8.0.21, the MySQL client library enables client applications to restrict local data loading operations to files located in a designated directory. Certain MySQL client programs take advantage of this capability (e.g. the mysql command line tool and it's new --load-data-local-dir option).

Georgi "Joro" Kodinov
MySQL SrvGen team lead
Plovdiv, Bulgaria

Options: ReplyQuote


Subject
Views
Written By
Posted
13920
September 20, 2020 07:52AM
5582
September 20, 2020 10:57AM
Re: ERROR 2068 (HY000) in import csv
3252
October 29, 2020 01:46AM
1644
November 23, 2020 10:40AM
1018
November 23, 2020 10:52AM
925
November 15, 2020 10:11PM
1305
January 25, 2021 03:15AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.