I never worked on anything as complex as mysql, and I'm definitely not trying to say "well durr hurr see you should use postgres since mysql is developed by morons".

But how on earth do you end up with a design like that? I've done a lot of network development, including file transfers, but never ended up in a situation where I was like "uh, this is totally backwards and can easily be exploited, but doing it the right way is an order of magnitude harder." Imagine HTTP PUT would work that way.

I'd really love to learn how they ended up with this. The past has shown that in most cases there is an explanation that's at least somewhat understandable.