List:General Discussion« Previous MessageNext Message »
From:Shawn Green (MySQL) Date:December 27 2011 4:08pm
Subject:Re: mysql_secure_installation
View as plain text  
Hello Ryan,

On 12/18/2011 15:36, Ryan Dewhurst wrote:
> Hi,
> Does anyone know why what's done in 'mysql_secure_installation' [0]
> isnot part of the default mysql installation?
> [0] http://dev.mysql.com/doc/refman/5.0/en/mysql-secure-installation.html
> Thank you,Ryan Dewhurst
> P.S. I also asked this question on the
> forums:http://forums.mysql.com/read.php?30,506069,506069#msg-506069
>

The script simply automates the steps documented in our manual, here:
http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html

If you want to see the script in action:
* repeat a fresh install
* enable the General Query Log
* run the script.

The General Query Log stores a copy of every command sent to a MySQL 
server before the server even parses it. It's there as a diagnostic tool 
and should not be enabled on a production machine unless there is a 
specific need to do so.

The steps of 'mysql_secure_installation' are not performed by default 
because many people want to just get to know MySQL before putting it 
into full production. This is most easily performed (especially in a 
classroom setting) with an unsecured installation. Also the steps to 
secure the installation can be leveraged as an excellent teaching tool for:

a) How MySQL accounts are authenticated
b) Where the account information is stored
c) The different levels of authentication supported by MySQL.

For those who don't want to read or learn, or for those who simply want 
to automate their installation, there is the script.

-- 
Shawn Green
MySQL Principal Technical Support Engineer
Oracle USA, Inc. - Hardware and Software, Engineered to Work Together.
Office: Blountville, TN
Thread
mysql_secure_installationRyan Dewhurst18 Dec
  • Re: mysql_secure_installationMySQL)27 Dec
    • Re: mysql_secure_installationRyan Dewhurst29 Dec
      • Re: mysql_secure_installationReindl Harald29 Dec