lib_mysqludf_sys contains a number of functions that allows one to interact with the operating system.
sys_exec - executes an arbitrary command, and can thus be used to launch an external application.sys_eval - executes an arbitrary command, and returns it's output.sys_exec - executes an arbitrary command, and returns it's exit code.sys_get - gets the value of an environment variable.sys_set - create an environment variable, or update the value of an existing environment variable.lib_mysqludf_sys_info() to obtain information about the currently installed version of lib_mysqludf_sys.
+
+
+ sys_eval takes one command string argument and executes it, returning its output.
+
sys_eval(arg1)+
arg1+ Place the shared library binary in an appropriate location. + Log in to mysql as root or as another user with sufficient privileges, and select any database. + Then, create the function using the following DDL statement: +
++CREATE FUNCTION sys_eval RETURNS STRING SONAME 'lib_mysqludf_sys.so'; ++
+ The function will be globally available in all databases. +
++ The deinstall the function, run the following statement: +
++DROP FUNCTION sys_eval; ++
+ None yet +
+
+ Be very careful in deciding whether you need this function.
+ UDFs are available to all database users - you cannot grant EXECUTE privileges for them.
+ As the commandstring passed to sys_exec can do pretty much everything,
+ exposing the function poses a very real security hazard.
+
+ Even for a benign user, it is possible to accidentally do a lot of damage with it. + The call will be executed with the privileges of the os user that runs MySQL, + so it is entirely feasible to delete MySQL's data directory, or worse. +
++ The function is intended for specialized MySQL applications where one needs extended + control over the operating system. + Currently, we do not have UDF's for ftp, email and http, + and this function can be used to implement such functionality in case it is really necessary + (datawarehouse staging areas could be a case in example). +
++ You have been warned! If you don't see the hazard, please don't try to find it; just trust me on this. +
++ If you do decide to use this library in a production environment, make sure that only specific commands can be run and file access is limited by using AppArmor. +
+
sys_exec takes one command string argument and executes it.
@@ -92,6 +159,9 @@ DROP FUNCTION sys_exec;
You have been warned! If you don't see the hazard, please don't try to find it; just trust me on this.
++ If you do decide to use this library in a production environment, make sure that only specific commands can be run and file access is limited by using AppArmor. +
sys_get takes the name of an environment variable and returns the value of the variable.
diff --git a/extra/mysqludfsys/lib_mysqludf_sys/lib_mysqludf_sys.sql b/extra/mysqludfsys/lib_mysqludf_sys/lib_mysqludf_sys.sql
index 7abb3d012..6fb7933ba 100644
--- a/extra/mysqludfsys/lib_mysqludf_sys/lib_mysqludf_sys.sql
+++ b/extra/mysqludfsys/lib_mysqludf_sys/lib_mysqludf_sys.sql
@@ -1,23 +1,23 @@
-/*
- lib_mysqludf_sys - a library with miscellaneous (operating) system level functions
- Copyright (C) 2007 Roland Bouman
- Copyright (C) 2008-2009 Roland Bouman and Bernardo Damele A. G.
- web: http://www.mysqludf.org/
- email: mysqludfs@gmail.com, bernardo.damele@gmail.com
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
- License as published by the Free Software Foundation; either
- version 2.1 of the License, or (at your option) any later version.
-
- This library is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this library; if not, write to the Free Software
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+/*
+ lib_mysqludf_sys - a library with miscellaneous (operating) system level functions
+ Copyright (C) 2007 Roland Bouman
+ Copyright (C) 2008-2009 Roland Bouman and Bernardo Damele A. G.
+ web: http://www.mysqludf.org/
+ email: roland.bouman@gmail.com, bernardo.damele@gmail.com
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
DROP FUNCTION IF EXISTS lib_mysqludf_sys_info;
diff --git a/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.patch b/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.patch
index 1eb0ec338..7e09a9bc7 100644
--- a/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.patch
+++ b/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.patch
@@ -47,7 +47,7 @@ diff -uN lib_mysqludf_sys_0.0.2/install.sh lib_mysqludf_sys/install.sh
+fi
Binary files lib_mysqludf_sys_0.0.2/lib_mysqludf_sys_0.0.2.tar.gz and lib_mysqludf_sys/lib_mysqludf_sys_0.0.2.tar.gz differ
diff -uN lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.c lib_mysqludf_sys/lib_mysqludf_sys.c
---- lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.c 2009-01-21 20:52:54.000000000 +0000
+--- lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.c 2009-01-22 12:01:55.000000000 +0000
+++ lib_mysqludf_sys/lib_mysqludf_sys.c 2009-01-21 00:06:13.000000000 +0000
@@ -1,8 +1,9 @@
/*
@@ -177,24 +177,146 @@ diff -uN lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.c lib_mysqludf_sys/lib_mysqludf
+
#endif /* HAVE_DLOPEN */
+diff -uN lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.html lib_mysqludf_sys/lib_mysqludf_sys.html
+--- lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.html 2009-01-22 12:01:55.000000000 +0000
++++ lib_mysqludf_sys/lib_mysqludf_sys.html 2009-01-22 10:21:46.000000000 +0000
+@@ -23,7 +23,8 @@
+ This library lib_mysqludf_sys contains a number of functions that allows one to interact with the operating system.
+
sys_exec - executes an arbitrary command, and can thus be used to launch an external application.sys_eval - executes an arbitrary command, and returns it's output.sys_exec - executes an arbitrary command, and returns it's exit code.sys_get - gets the value of an environment variable.sys_set - create an environment variable, or update the value of an existing environment variable.lib_mysqludf_sys_info() to obtain information about the currently installed version of lib_mysqludf_sys.
+
+
++
++
++ sys_eval takes one command string argument and executes it, returning its output.
++
sys_eval(arg1)++
arg1++ Place the shared library binary in an appropriate location. ++ Log in to mysql as root or as another user with sufficient privileges, and select any database. ++ Then, create the function using the following DDL statement: ++
++++CREATE FUNCTION sys_eval RETURNS STRING SONAME 'lib_mysqludf_sys.so'; ++++
++ The function will be globally available in all databases. ++
++++ The deinstall the function, run the following statement: ++
++++DROP FUNCTION sys_eval; ++++
++ None yet ++
++
++ Be very careful in deciding whether you need this function.
++ UDFs are available to all database users - you cannot grant EXECUTE privileges for them.
++ As the commandstring passed to sys_exec can do pretty much everything,
++ exposing the function poses a very real security hazard.
++
++ Even for a benign user, it is possible to accidentally do a lot of damage with it. ++ The call will be executed with the privileges of the os user that runs MySQL, ++ so it is entirely feasible to delete MySQL's data directory, or worse. ++
++++ The function is intended for specialized MySQL applications where one needs extended ++ control over the operating system. ++ Currently, we do not have UDF's for ftp, email and http, ++ and this function can be used to implement such functionality in case it is really necessary ++ (datawarehouse staging areas could be a case in example). ++
++++ You have been warned! If you don't see the hazard, please don't try to find it; just trust me on this. ++
++++ If you do decide to use this library in a production environment, make sure that only specific commands can be run and file access is limited by using AppArmor. ++
++ +
+ sys_exec takes one command string argument and executes it.
+@@ -92,6 +159,9 @@
+
+ You have been warned! If you don't see the hazard, please don't try to find it; just trust me on this. +
++++ If you do decide to use this library in a production environment, make sure that only specific commands can be run and file access is limited by using AppArmor. ++
+
+ sys_get takes the name of an environment variable and returns the value of the variable.
Binary files lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.so and lib_mysqludf_sys/lib_mysqludf_sys.so differ
diff -uN lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.sql lib_mysqludf_sys/lib_mysqludf_sys.sql
---- lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.sql 2009-01-21 20:52:54.000000000 +0000
-+++ lib_mysqludf_sys/lib_mysqludf_sys.sql 2009-01-21 00:51:00.000000000 +0000
-@@ -1,8 +1,9 @@
- /*
- lib_mysqludf_sys - a library with miscellaneous (operating) system level functions
- Copyright (C) 2007 Roland Bouman
+--- lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.sql 2009-01-22 12:01:55.000000000 +0000
++++ lib_mysqludf_sys/lib_mysqludf_sys.sql 2009-01-22 10:21:53.000000000 +0000
+@@ -1,30 +1,33 @@
+-/*
+- lib_mysqludf_sys - a library with miscellaneous (operating) system level functions
+- Copyright (C) 2007 Roland Bouman
- web: http://www.xcdsql.org/MySQL/UDF/
- email: mysqludfs@gmail.com
-+ Copyright (C) 2008-2009 Roland Bouman and Bernardo Damele A. G.
-+ web: http://www.mysqludf.org/
-+ email: mysqludfs@gmail.com, bernardo.damele@gmail.com
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public
-@@ -19,12 +20,14 @@
- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+-
+- This library is free software; you can redistribute it and/or
+- modify it under the terms of the GNU Lesser General Public
+- License as published by the Free Software Foundation; either
+- version 2.1 of the License, or (at your option) any later version.
+-
+- This library is distributed in the hope that it will be useful,
+- but WITHOUT ANY WARRANTY; without even the implied warranty of
+- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+- Lesser General Public License for more details.
+-
+- You should have received a copy of the GNU Lesser General Public
+- License along with this library; if not, write to the Free Software
+- Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
++/*
++ lib_mysqludf_sys - a library with miscellaneous (operating) system level functions
++ Copyright (C) 2007 Roland Bouman
++ Copyright (C) 2008-2009 Roland Bouman and Bernardo Damele A. G.
++ web: http://www.mysqludf.org/
++ email: roland.bouman@gmail.com, bernardo.damele@gmail.com
++
++ This library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ This library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with this library; if not, write to the Free Software
++ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
-drop function lib_mysqludf_sys_info;
@@ -217,7 +339,7 @@ diff -uN lib_mysqludf_sys_0.0.2/lib_mysqludf_sys.sql lib_mysqludf_sys/lib_mysqlu
+CREATE FUNCTION sys_exec RETURNS int SONAME 'lib_mysqludf_sys.so';
+CREATE FUNCTION sys_eval RETURNS string SONAME 'lib_mysqludf_sys.so';
diff -uN lib_mysqludf_sys_0.0.2/Makefile lib_mysqludf_sys/Makefile
---- lib_mysqludf_sys_0.0.2/Makefile 2009-01-21 20:52:54.000000000 +0000
+--- lib_mysqludf_sys_0.0.2/Makefile 2009-01-22 12:01:55.000000000 +0000
+++ lib_mysqludf_sys/Makefile 2009-01-19 09:11:00.000000000 +0000
@@ -1,6 +1,4 @@
-linux: \
diff --git a/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.tar.gz b/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.tar.gz
index 867bcd192..f4af75392 100644
Binary files a/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.tar.gz and b/extra/mysqludfsys/lib_mysqludf_sys_0.0.3.tar.gz differ