List:Internals« Previous MessageNext Message »
From:Paul Cadach Date:January 6 2002 3:33am
Subject:Fw: MySQL design comments. --skip-grant-tables
View as plain text  
Hi,

I just want to show my point of view to this thread...

----- Original Message -----
From: "Michael Widenius" <monty@stripped>
To: "Alexander Keremidarski" <salle@stripped>
Cc: <internals@stripped>
Sent: Saturday, January 05, 2002 8:09 PM
Subject: Re: MySQL design comments. --skip-grant-tables


> >> When you have a LOT of users, you must make things a bit less secure
> >> by default to get things to work at all.

I don't think installing with passwordless 'root' user is very unsecure.
Anyway root must prepare something (user account, directories, etc.) to
install MySQL, so he/she can install MySQL too, then assign password to
pipe's user 'root' at MySQL server. BTW, user root is passwordless only for
unix pipe connection, not for TCP/IP (because host field in mysql.user table
is empty, not wildcard '%'), so this installation is secure unless local
(console, telnet) user tries to connect with root by specifing '-u root'
arguments to mysql (other) commands. I think it's not too important for
post-installation time. In exceptional case the server admin sets root
password and kills other connections, then delete any records in mysql.*
tables which appears to be wrong...

> >> error: 'Access denied for user: 'root@localhost' (Using password: YES)'
> >> what am i doing wrong?
>
> This happens if:
>
> - The user has used a wrong password.
> - The user is using a password, but one has not defined a password for
>    MySQL.

> Alexander> There is another point. I vote against using user root for
MySQL admin user.
> Alexander> Many users (unix) are confused with this. They can't see
difference
> Alexander> between Shell User and MySQL User. I hope you will aggree that
MySQL
> Alexander> Admin and Server Admin are different roles, but with current
default
> Alexander> install it is hindered.
>
> We have thought about this a great deal.  The problem is that if we
> would have chosen something else, the user would have yet another thing to
> remember.  Changing this would also cause a lot of confusion among old
> MySQL users; What is worse, all the numerous published books that
> describes MySQL would contain wrong information.

After installation MySQL's root can grant all privileges to someone else
then newly granted admin can remove any privileges from root. It's not too
hard.
2Monty: may be this could be done by a little script/application? For
example, mysqlnewadmin...


WBR,
Paul.


Thread
Fw: MySQL design comments. --skip-grant-tablesPaul Cadach6 Jan