Prevent mysql drop to shell?

[rhm.geerts]

Suppose I need to change my mysql tmp directory from /tmp to /mysqltmp because it's filling up my secured /tmp directory (which is 4 GB).

Isn't this causing a security issue, when a user drops to shell?
So can yo explain what is to prevent a user from escaping to a MySQL Shell prompt (which can be easily done), and be able to list all of our customers backups?
Do I have do certain things to prevent this?

 

[cPanelMichael]

Hello

Could you provide an example of the exact commands you are running with shell access for a user that concerns you? The results should help give us a better understanding of the exact scenario you are describing.

Thank you.

 

[rhm.geerts]

No I'm sorry. I've just read that this might be possible. I quoted it from here, because I wondered if this was true and I did not see any answer:
https://forums.cpanel.net/f5/drive-critical-dev-loop0-var-tmp-97-full-190772-p3.html#post1245831

 

[cPanelMichael]

A user should not have access to the alternate temporary directory configured with MySQL. Feel free to let us know of a specific method to reproduce this issue so we can test further.

Thank you.

 

[rhm.geerts]

In that case I think there is no problem.
I read that question from the other user and thought there might be an problem and just would like to know if he had a point,
But then again... if there was an issue, it probably would also be present in the normal /tmp folder, because both are set 1777.

Thank you for the quick reply's, we can consider this thread solved.