MySQL Variables secure_file_priv 数据库 参数变量解释及正确配置使用
本站中文解释
secure_file_priv 是MySQL的一个系统变量。它用于设置MySQL服务器可以读取和写入的文件存储位置,只有在该路径下的文件才可以被访问。
要设置 secure_file_priv 变量,可以使用以下语句:
SET GLOBAL secure_file_priv = ‘设置存储位置’ ;
例如,可以使用以下语句将 secure_file_priv 设置为/var/tmp:
SET GLOBAL secure_file_priv = ‘/var/tmp’ ;
官方英文解释
secure_file_priv
| Command-Line Format | --secure-file-priv=dir_name |
|---|---|
| System Variable | secure_file_priv |
| Scope | Global |
| Dynamic | No |
| Type | String |
| Default Value | platform specific |
| Valid Values |
|
This variable is used to limit the effect of data import and
export operations, such as those performed by the
LOAD DATA and
SELECT ... INTO statements and the
OUTFILE
LOAD_FILE() function. These
operations are permitted only to users who have the
FILE privilege.
secure_file_priv may be set
as follows:
-
If empty, the variable has no effect. This is not a secure
setting. -
If set to the name of a directory, the server limits
import and export operations to work only with files in
that directory. The directory must exist; the server does
not create it. -
If set to
NULL, the server disables
import and export operations.
The default value is platform specific and depends on the
value of the INSTALL_LAYOUT
CMake option, as shown in the following
table. To specify the default
secure_file_priv value
explicitly if you are building from source, use the
INSTALL_SECURE_FILE_PRIVDIR
CMake option.
INSTALL_LAYOUT Value |
Default secure_file_priv Value |
|---|---|
STANDALONE, WIN |
NULL (>= MySQL 5.7.16), empty (< MySQL 5.7.16) |
DEB, RPM, SLES,SVR4 |
/var/lib/mysql-files |
| Otherwise | mysql-files under theCMAKE_INSTALL_PREFIX value |
To set the default
secure_file_priv value for
the libmysqld embedded server, use the
INSTALL_SECURE_FILE_PRIV_EMBEDDEDDIR
CMake option. The default value for this
option is NULL.
The server checks the value of
secure_file_priv at startup
and writes a warning to the error log if the value is
insecure. A non-NULL value is considered
insecure if it is empty, or the value is the data directory or
a subdirectory of it, or a directory that is accessible by all
users. If secure_file_priv is
set to a nonexistent path, the server writes an error message
to the error log and exits.
