**Reported in Launchpad by Laurynas Biveinis last update 22-09-2016 10:25:29
This is to track backport of
Author: Sivert Sorumgard <[email protected]>
Date: Mon Aug 22 14:30:02 2016 +0200
Bug#24388753: PRIVILEGE ESCALATION USING MYSQLD_SAFE
[This is the 5.5/5.6 version of the bugfix].
The problem was that it was possible to write log files ending
in .ini/.cnf that later could be parsed as an options file.
This made it possible for users to specify startup options
without the permissions to do so.
This patch fixes the problem by disallowing general query log
and slow query log to be written to files ending in .ini and .cnf.
from 5.5.52 / 5.6.33 / 5.7.15