lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: seclists at (Tom Crimmins)
Subject: MySQL and the user "su"

I have today determined that I can connect to a local MySQL-server per
 "mysql -usu".  I regard that to error, can that someone confirm?

This is not an error. You should by default be able to connect with any user
from localhost, but you will not have privileges to do anything else. This
is because the mysql install by default sets up permissions this way. You
could verify this yourself by connecting as root, and executing the
following query:

SELECT * FROM mysql.user;

The row that applies in this case is the one with Host='localhost' and
User=''. You can delete this row if you do not want this behavior. You must
do a "flush privileges;" after deleting the row.

Tom Crimmins
Interface Specialist
Pottawattamie County, Iowa

Powered by blists - more mailing lists