No need to disable LOAD DATA LOCAL INFILE when open_basedir restrictions and/or safe_mode are enabled #11088
Labels
Enhancement
For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc.
Milestone
When you use a remote MySQL server and can't get FILE privilege, i.e. AWS RDS, you need LOAD DATA LOCAL INFILE capability. For some reason that was an issue in PHP when
open_basedir
orsafe_mode
were enabled and their workaround was to just disable it. However it's been fixed since last year, for PHP version5.6.17
and above and whenmysqlnd
is used. See the fix here: php/php-src@be6fd4bThere is a similar workaround in Piwik codebase (see https://github.com/piwik/piwik/blob/9243b9a7b6fae8237596f76cda1fe8b6816463af/core/Db/BatchInsert.php#L193). I think that should be removed, perhaps conditionally for PHP 5.6.17+.
open_basedir
andsafe_mode
are not the ultimate security measures but still, it would be good to enable them and haveSecurity
andSystem Check
pages on Piwik all-green as well as LOAD DATA LOCAL INFILE working as it should.The text was updated successfully, but these errors were encountered: