Are these mySQL user settings vulnerable?

Posted by Kavon Farvardin on Server Fault See other posts from Server Fault or by Kavon Farvardin
Published on 2010-03-22T13:27:53Z Indexed on 2010/03/22 13:31 UTC
Read the original article Hit count: 340

Filed under:

mysql

|

user-management

|

linux

screenshot

I'm using myphpadmin to manage the databases and I'm new to SQL in general. Am I suppose to keep an open anonymous user on localhost so things like drupal can access mySQL? It seems like having a non-passworded root on my server's hostname is retarded but I don't know what I'm doing with this in general. The user who's name starts with a b is the one I use to login and do things like make a database.

© Server Fault or respective owner

Related posts about mysql

How to remove MySQL completely with config and library files on ubuntu 12.04 gnome 3.0

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I tried everything till now: sudo apt-get remove mysql-server mysql-client mysql-common sudo apt-get purge mysql-server mysql-client mysql-common sudo apt-get autoremove and even more commands... But whenever I am trying to locate mysql. I get a no. of files related to mysql command: shell>>… >>> More
mysql: Cannot load from mysql.proc. The table is probably corrupted

as seen on Server Fault - Search for 'Server Fault'
Mysql was started: /usr/bin/mysqld_safe --datadir=/srv/mysql/myDB --log-error=/srv/mysql/logs/mysqld-myDB.log --pid-file=/srv/mysql/pids/mysqld-myDB.pid --user=mysql --socket=/srv/mysql/sockets/mysql-myDB.sock --port=3700 but when I'm trying to do something: ERROR 1548 (HY000) at line 1: Cannot… >>> More
Why is there a /etc/init.d/mysql file on this Slackware machine? How could it have gotten there?

as seen on Server Fault - Search for 'Server Fault'
A client of my IT-consulting service owns a web-development shop. He's been having problems with a Slackware 12.0 server running MySQL 5.0.67. The machine was set up by the client's sysadmin, who left on bad terms. My client no longer employs a sysadmin. As far as I can tell, the only copy of MySQL… >>> More
mysql: Bind on unix socket: Permission denied

as seen on Server Fault - Search for 'Server Fault'
Can't start mysql with: sudo /usr/bin/mysqld_safe --datadir=/srv/mysql/myDB --log-error=/srv/mysql/logs/mysqld-myDB.log --pid-file=/srv/mysql/pids/mysqld-myDB.pid --user=mysql --socket=/srv/mysql/sockets/mysql-myDB.sock --port=3700 120222 13:40:48 mysqld_safe Starting mysqld daemon with databases… >>> More
MySQL – Learning MySQL Online in 6 Hours – MySQL Fundamentals in 320 Minutes

as seen on SQL Authority - Search for 'SQL Authority'
MySQL is one of the most popular database language and I have been recently working with it a lot. Data have no barrier and every database have their own place. I have been working with MySQL for quite a while and just like SQL Server, I often find lots of people asking me if I have a tutorial which… >>> More

Related posts about user-management

User management API

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi, I am developing an application suite where users will need to connect to a server and depending on their account type they will be given some services. The server will run Linux. Can you please suggest me some user management API which I can use to develop the server program? By user management… >>> More
User management for google apps

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi guys, I'm modifying our collaboration system so it can be listed on google applications. A small issue I'm facing is the registering of user details. By default whenever someone logs into their google Apps account they pretty much are logged into the application. For every action taken by a registered… >>> More
User management for custom application built on google apps

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi guys, I'm modifying our collaboration system so it can be listed on google applications. A small issue I'm facing is the registering of user details. By default whenever someone logs into their google Apps account they pretty much are logged into the application. For every action taken by a registered… >>> More
Which is a good opensource user management system?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm new to php/mySQL and am trying to create a website which will allow users to register. In future, there will be a paid content area where content will be shown based on the payment status. Is there a good opensource lightweight framework which takes care of the user management part? (Register… >>> More
SugarCRM - how to customize user management tools?

as seen on Stack Overflow - Search for 'Stack Overflow'
I'm new to using SugarCRM. I want to have a users page that does the following: 1) allow a user to create sub-users, and each sub-user can then create additional sub users 2) display users in an expandable and collapse-able hierarchical tree structure. 3) add more attributes to each user Does… >>> More