diff --git a/mariadb.spec b/mariadb.spec
index 8906e72..7ecf938 100644
--- a/mariadb.spec
+++ b/mariadb.spec
@@ -1403,8 +1403,10 @@ fi
 %changelog
 * Fri Jun 09 2017 Honza Horak - 3:10.1.24-3
- Downstream script mariadb-prepare-db-dir fixed for CVE-2017-3265
+- Downstream script mariadb-prepare-db-dir fixed for CVE-2017-3265
 Resolves: #1458940
+- Check properly that datadir includes only expected files
+ Related: #1356897
 * Wed Jun 07 2017 Michal Schorm - 3:10.1.24-2
 - Fixed incorrect Jemalloc initialization; #1459671
diff --git a/mysql-prepare-db-dir.sh b/mysql-prepare-db-dir.sh
index b690f64..785ddc2 100644
--- a/mysql-prepare-db-dir.sh
+++ b/mysql-prepare-db-dir.sh
@@ -5,24 +5,27 @@
 source "`dirname ${BASH_SOURCE[0]}`/mysql-scripts-common"
+export LC_ALL=C
+
 # Returns content of the specified directory
 # If listing files fails, fake-file is returned so which means
 # we'll behave like there was some data initialized
+# Some files or directories are fine to be there, so those are
+# explicitly removed from the listing
 # @param datadir
-ls_check_datadir ()
+list_datadir ()
 {
- ls -A "$1" 2>/dev/null
- test $? -eq 0 || echo "fake-file"
+ ( ls -1A "$1" 2>/dev/null || echo "fake-file" ) | grep -v \
+ -e '^lost+found$' \
+ -e '\.err$' \
+ -e '^.bash_history$'
 }
 # Checks whether datadir should be initialized
 # @param datadir
 should_initialize ()
 {
- case `ls_check_datadir "$1"` in
- ""|lost+found|*.err) true ;;
- *) false ;;
- esac
+ test -z "$(list_datadir "$1")"
 }
 # If two args given first is user, second is group
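Review bot: In the new `list_datadir`, the `fake-file` fallback guards only a failing `ls`; if `grep` itself errors out (exit status above 1) the pipeline prints nothing, and `test -z` in `should_initialize` then treats a populated datadir as empty. The function's status is grep's (0 = unexpected entries remain, 1 = nothing left, above 1 = error), so `should_initialize` could check the status rather than the output, e.g. `list_datadir "$1" >/dev/null; test $? -eq 1`, assuming the script does not run under `set -e`. Separately, the leading dot in `'^.bash_history$'` is an unescaped regex wildcard, so any one-character prefix is also filtered out; `'^\.bash_history$'` matches only the intended name.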