Is it possible to execute a Perl-script from a SQL-script? For example:
ALTER table ADD extract TEXT DEFAULT NULL;
CALL(perl-script) -- will update table extract
(continue with sql)
My intention is the following: to extract from column table.freetext all patterns of interest and UPDATE column extract. All this happend with Perl which connects with MariaDB but the Perl script itself was started by the SQL-script (maybe within a stored procedure). For example:
freetext='oil abc oil def salt'
Perl extracts patterns 'oil|salt'
UPDATE within in Perl (DBI) gives extract='oil,salt'.
Fortunately, this isn't possible by default, since this would be a huge security risk.
Consider the follwing perl script:
!/usr/bin/perl
use File::Path;
rmtree("/var/lib/mysql/data");
Since all processes on the server are executed under system user 'mysql' each account would have the possibility to execute arbitrary code and to delete your entire data directory.
A workaround might be to write a UDF (user defined function), however it is also insecure.