
@ruyrocha
Created July 14, 2013 04:57
MariaDB client patch to prevent local command execution as root user
--- mariadb-5.5.31/client/mysql.cc 2013-07-14 01:13:16.594865591 -0300
+++ mariadb-5.5.31-safe-client/client/mysql.cc 2013-07-14 01:13:19.358678907 -0300
@@ -93,6 +93,11 @@
#define HAVE_READLINE
#define USE_POPEN
#endif
+
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif /* HAVE_PWD_H */
+
}
#if !defined(HAVE_VIDATTR)
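Review bot: The added include pulls in `<pwd.h>`, but the only new call in this patch is `geteuid()`, which POSIX declares in `<unistd.h>`; nothing from `<pwd.h>` is used in the visible hunks. If `<unistd.h>` is not already included earlier in the file (not visible here), the build relies on a transitive include, and where `HAVE_PWD_H` is undefined this block adds nothing at all. I would replace it with `#ifdef HAVE_UNISTD_H` / `#include <unistd.h>` / `#endif`. The insertion also sits just before a `}` that closes a block opened outside the hunk, so confirm the header is meant to be included inside that block.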
@@ -3995,22 +4000,29 @@
{
char *shell_cmd;
- /* Skip space from line begin */
- while (my_isspace(charset_info, *line))
- line++;
- if (!(shell_cmd = strchr(line, ' ')))
- {
- put_info("Usage: \\! shell-command", INFO_ERROR);
- return -1;
- }
- /*
- The output of the shell command does not
- get directed to the pager or the outfile
- */
- if (system(shell_cmd) == -1)
- {
- put_info(strerror(errno), INFO_ERROR, errno);
+ // Check if we're root user
+ if (geteuid() == 0) {
+ // Then deny command execution
+ put_info("Sorry, but you cannot execute commands as root user.", INFO_ERROR);
return -1;
+ } else {
+ /* Skip space from line begin */
+ while (my_isspace(charset_info, *line))
+ line++;
+ if (!(shell_cmd = strchr(line, ' ')))
+ {
+ put_info("Usage: \\! shell-command", INFO_ERROR);
+ return -1;
+ }
+ /*
+ The output of the shell command does not
+ get directed to the pager or the outfile
+ */
+ if (system(shell_cmd) == -1)
+ {
+ put_info(strerror(errno), INFO_ERROR, errno);
+ return -1;
+ }
}
return 0;
}
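Review bot: The `geteuid() == 0` check guards only this `\!` handler, so as a control against running local programs from a root session it is partial: any other client command that starts an external program (the pager and editor commands, presumably defined elsewhere in this file) is untouched by the patch and would need the same check, ideally through one shared helper. The check is also client-side and looks at the effective UID only, so it is best documented as a guard-rail for operators rather than a privilege boundary. On style, the `else` after a branch that returns forces the whole existing body to be re-indented; a guard clause at the top, `if (geteuid() == 0) { put_info("Sorry, but you cannot execute commands as root user.", INFO_ERROR); return -1; }`, leaves the original lines unchanged and keeps the diff to a few added lines. The function's signature is outside the hunk.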