On Sunday 28 August 2005 10:21 am, John Palmer wrote:
> I'm sure Neil Williams has thought this out carefully, but on his scheme
> (i.e. mysqladmin password blank) what exactly stops some awkward person
> from running
> mysqladmin drop <some-vital-database> ?

There's confusion here. I'm talking about the packaging user created in the user table in MySQL itself that provides access for the installation helper. This can be secured by revoking some privileges for that user, preventing access to specific databases (or tables). That leaves the installation/update route open for new databases supporting newly installed packages. If, as I said before, you aren't going to be updating / installing such packages, secure this fully. This page covers such a secure setup:
http://dev.mysql.com/doc/mysql/en/security-guidelines.html

mysqladmin is different - that IS a representation of the root user on the real system (or it should be) when run as root user. Otherwise it uses the current user. Secure it for the current user with a password, but the root user should be secure anyway. Setting a mysqladmin password is fine, just don't delete the packaging user from the mysql.user table. Getting access with -uroot still requires access to the local machine (unless you've been silly and enabled that user outside localhost).
http://dev.mysql.com/doc/mysql/en/default-privileges.html

Check your own installation's mysql.user table. Ordinary users should not be able to access any of the mysql database tables.

--
Neil Williams
=============
http://www.data-freedom.org/
http://www.nosoftwarepatents.com/
http://www.linux.codehelp.co.uk/
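An audit-and-hardening pass of the kind described in the message above, as an added SQL example that is not part of the original thread. It assumes a MySQL 4.1/5.0-era server whose mysql.user table still has a Password column; the account 'pkg_helper'@'localhost' and the database app_db are placeholders for the real packaging user and the package's own database.

```sql
-- Added example, not from the original message. Assumes MySQL 4.1/5.0-era
-- grant tables (Password column in mysql.user); 'pkg_helper'@'localhost'
-- and app_db are placeholders, not the names of any real account or database.

-- 1. Audit: accounts with no password at all.
SELECT User, Host FROM mysql.user WHERE Password = '';

-- 2. Audit: root reachable from somewhere other than the local machine.
SELECT User, Host FROM mysql.user
 WHERE User = 'root' AND Host NOT IN ('localhost', '127.0.0.1');

-- 3. Audit: global privileges apply to every database, mysql.* included,
--    so any account listed here can read or change the grant tables.
SELECT User, Host
  FROM mysql.user
 WHERE Select_priv = 'Y' OR Insert_priv = 'Y' OR Update_priv = 'Y'
    OR Delete_priv = 'Y' OR Drop_priv   = 'Y' OR Grant_priv  = 'Y';

-- 4. Audit: database-level grants whose Db pattern matches 'mysql'
--    (the Db column may hold LIKE-style wildcards such as '%', so the
--    comparison is done pattern-against-name, not name-against-literal).
SELECT User, Host, Db FROM mysql.db WHERE 'mysql' LIKE Db;

-- 5. Harden root without deleting the packaging user's row.
SET PASSWORD FOR 'root'@'localhost' = PASSWORD('choose-a-real-passphrase');

-- 6. Harden the packaging user: keep the install/upgrade route open for
--    the package's own database, but drop the global privileges that would
--    let it reach mysql.* or drop unrelated databases. A newly installed
--    package's database then needs its own GRANT line here rather than a
--    blanket global right.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'pkg_helper'@'localhost';
GRANT ALL PRIVILEGES ON `app_db`.* TO 'pkg_helper'@'localhost';

-- FLUSH PRIVILEGES is only needed if the grant tables were edited directly
-- with INSERT/UPDATE; GRANT, REVOKE and SET PASSWORD reload them themselves.
FLUSH PRIVILEGES;

-- 7. Confirm what the packaging user is left with.
SHOW GRANTS FOR 'pkg_helper'@'localhost';
```

Queries 1 to 4 should each return an empty result on a hardened server; anything they list is an account to review before it is relied on.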