| List: | Bugs | « Previous MessageNext Message » | |
| From: | Michael Widenius | Date: | June 4 2000 11:57am |
| Subject: | Re: serious bug allows anyone access to database as root | ||
| View as plain text | |||
Hi! >>>>> "sasha" == sasha <sasha@stripped> writes: sasha> Matt Vermette wrote: >> >> I have been able to replicate this on RedHat 6.2, Kernel 2.2.15 compiled on an > i486, with MySQL 3.22.32 sasha> The problem has to do with the fact that by default, the priv system allows you sasha> to connect as any user to the from localhost because of % entry in the user sasha> table - to fix: sasha> mysql -uroot mysql mysql> delete from user where user = '%'; mysql> flush privileges; Just to clarify; If you use -u root-p you are logged in as an anonymous user that only has access to the test databases (databases which names start with 'test') Regards, Monty
| Thread | ||
|---|---|---|
| • substring incorrect syntax causes crash | John Calder | 30 May |
| • substring incorrect syntax causes crash | Michael Widenius | 30 May |
| • serious bug allows anyone access to database as root | Brad Johnson | 30 May |
| • RE: serious bug allows anyone access to database as root | jason | 30 May |
| • Re: serious bug allows anyone access to database as root | Michael Labbe | 30 May |
| • No Risk - Re: serious bug allows anyone access to database as root | Nick Lindridge | 31 May |
| • RE: serious bug allows anyone access to database as root | Matt Vermette | 30 May |
| • Re: serious bug allows anyone access to database as root | sasha | 31 May |
| • Re: serious bug allows anyone access to database as root | Michael Widenius | 5 Jun |