[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: KDE 4.2 requires local MySQL Server



On Wed, Feb 18, 2009 at 5:56 PM, Kevin Kofler <kevin kofler chello at> wrote:
> Aldo Foot wrote:
>> So you're suggesting that because you have a firewall it's ok to
>> have accounts without passwords? My sense of system security is
>> very different from your own... so maybe it's ok with you.
>> BTW - the accounts I was referring to are those created by mysql, which
>> are different from the system accounts.
>> And yes, I know how installs and firewall relate.
>
> The "account" is only accessible for the current user, the mysqld is
> configured to only listen on a local Unix socket only accessible to the
> current user. So there's no security risk whatsoever at all.
>
>        Kevin Kofler

Thanks for the explanation. Maybe I'm a bit paranoid about no passwords on
any account type

As Rick pointed out this idea I introduced is not inline withe the
OP's question, but
I'll just throw this in:

Remember that when one installs mysql there is a warning to give a password
to the root account --this is what I initially had in mind.

Just for reference:
http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html

"Accounts with the user name root are created. These are superuser
accounts that can do anything. The initial root account passwords are
empty, so anyone can connect to the MySQL server as root — without a
password — and be granted all privileges."

I believe the above refers to a local login and not coming from a TCP
connection. I should have made the distinction earlier. My bad.
Anyways... it could be problematic to have a bunch of records and have some
account with full access wipe things out.

it's been a long day.
~af


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]