GREP_OPTIONS is evil

Bug #75031 reported by Christian Holtje
Affects: mysql-5.1 (Ubuntu)
Status: Invalid
Importance: Low
Assigned to: Unassigned
Milestone: (none)

Bug Description

Binary package hint: mysql-server-5.0

If you wish to prevent mysql from starting up, put this in your shell's startup files:

export GREP_OPTIONS='-E'

Why does this cause problems? Because when you run the init.d files, you get:
grep: conflicting matchers specified

And then the server doesn't start up.

Personally, I think GREP_OPTIONS is evil and am in the process of removing it from my shell startup scripts.

This could be a potential security hole since just setting this environment variable can make shell scripts and their like take the wrong actions. True, it's probably not easily open to malicious usage, but I could craft a script that would behave correctly unless a certain GREP flag was set, at which point it would do the exact opposite of what it was expected to do.

Ciao!

Kees Cook (kees) wrote :

Thanks for the report!

Anyone with the access to start/stop system services generally has a very large ability to disrupt the operation of the system, so I'm going to unflag this as a security issue.

Currently sudo will preserve the environment if you can have full privs, otherwise the environment is cleaned. If you want to force a clean env at all times, you can add:

Defaults env_reset

to your /etc/sudoers.

Christian Holtje (docwhat) wrote :

I don't disagree, but thought it worth adding:

I wasn't worried about the super user being malicious, but rather about the script writer (accidentally or deliberately) creating a script that would behave correctly, and that everyone used, unless you set GREP_OPTIONS, in which case a feature that was a good feature when invoked deliberately would cause destruction or the like.

Ciao!

Mathias Gug (mathiaz) wrote :

I cannot reproduce your test case on the latest version of mysql, in Gutsy.

Can you specify which version you're using?

Changed in mysql-dfsg-5.0:
importance: Undecided → Low
status: New → Incomplete

Christian Holtje (docwhat) wrote :

In the version I now have in feisty, -E no longer causes a problem.

However, you can cause problems with GREP_OPTIONS="-P" which causes
the "egrep -q" commands to always return true.

In addition, using something like GREP_OPTIONS="--color=always" can
also mess up anything that needs to parse the output of grep.

May I suggest that all init.d scripts start with 'unset GREP_OPTIONS'? Or maybe put it in /lib/lsb/init-functions?

Ciao!
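
An added example, not part of the bug report or of any Ubuntu init script: a shell prologue that applies the 'unset GREP_OPTIONS' suggestion above, plus a wrapper in the spirit of the env_reset setting mentioned in the earlier comment. The function names, the variable list, the fixed PATH and the sample config check are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names): keep a service script's grep
# calls independent of whatever the invoking shell exported.

# Variables that alter grep's matching or output (assumed list for this sketch).
TOOL_ENV_VARS="GREP_OPTIONS GREP_COLOR GREP_COLORS"

# Call once at the top of the script, before the first grep.
sanitize_tool_env() {
    for var in $TOOL_ENV_VARS; do
        unset "$var"
    done
    # Fixed locale so character classes behave the same for every caller.
    LC_ALL=C
    export LC_ALL
}

# Run a command with an allow-listed environment only, instead of the
# caller's. The PATH value is an assumption; adjust it for the target system.
run_env_reset() {
    env -i PATH="/usr/sbin:/usr/bin:/sbin:/bin" TERM="${TERM:-dumb}" \
        LC_ALL=C "$@"
}

# The kind of check an init script makes: succeed only when the option
# named in $1 is assigned in the config file $2.
config_has_option() {
    sanitize_tool_env
    grep -q -E "^[[:space:]]*$1[[:space:]]*=" "$2"
}
```

Sourcing this and calling sanitize_tool_env first means a later 'egrep -q' or output-parsing grep sees only the flags written in the script itself.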

Mathias Gug (mathiaz)
Changed in mysql-dfsg-5.0:
status: Incomplete → Triaged
Chuck Short (zulcss)
affects: mysql-dfsg-5.0 (Ubuntu) → mysql-dfsg-5.1 (Ubuntu)
affects: mysql-dfsg-5.1 (Ubuntu) → mysql-5.1 (Ubuntu)

Clint Byrum (clint-fewbar) wrote :

Only hardy would be affected by this; all others use upstart. Closing bug report.

Changed in mysql-5.1 (Ubuntu):
status: Triaged → Invalid