By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
424,853 Members | 1,034 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 424,853 IT Pros & Developers. It's quick & easy.

Differences between DATA INFILE and LOAD DATA LOCAL INFILE ?

P: n/a
What are the differences between LOAD DATA INFILE and LOAD DATA LOCAL INFILE
?

I found some web hosting company do not allow using LOAD DATA INFILE but
allow LOAD DATA LOCAL INFILE. The reason is for the sake of security. What
does that mean ?
Jul 23 '05 #1
Share this Question
Share on Google+
1 Reply


P: n/a
Ray in HK wrote:
What are the differences between LOAD DATA INFILE and LOAD DATA LOCAL INFILE?
LOAD DATA LOCAL INFILE reads a file that is on the machine where you are
running the mysql client. For example, your PC. The file must be sent
over the network to the MySQL server host.

LOAD DATA INFILE reads a file that is already on the machine running the
mysql server. For example, the server at your web hosting company.

This is described on this web page:
http://dev.mysql.com/doc/mysql/en/load-data.html
I found some web hosting company do not allow using LOAD DATA INFILE but
allow LOAD DATA LOCAL INFILE. The reason is for the sake of security. What
does that mean ?


There's no way in MySQL to limit _which_ files can be read with LOAD
DATA INFILE; all files that are readable by the user id of the mysqld
process on the server would be readable.

You could use this command to read many file on the system that you
wouldn't have access to read as a customer of a web hosting service, and
then import the text from that file into a MySQL table.

Then you'd write a simple CGI script to display the text stored in the
MySQL database, thus allowing yourself (or the whole internet) to read
system files or other information that the web hosting company doesn't
want to be public.

So it makes sense that a web hosting company would want to restrict
access to LOAD DATA INFILE. However, I'm not sure how they're
accomlishing this while permitting LOAD DATA LOCAL INFILE; there is only
one GRANT privilege called "FILE" which permits or denies use of LOAD
DATA INFILE and SELECT... INTO OUTFILE. There is nothing mentioned in
the MySQL page http://dev.mysql.com/doc/mysql/en/grant.html to permit
LOAD DATA LOCAL INFILE while denying LOAD DATA INFILE.

Regards,
Bill K.
Jul 23 '05 #2

This discussion thread is closed

Replies have been disabled for this discussion.