List:General Discussion« Previous MessageNext Message »
From:Tonu Samuel Date:August 24 2000 3:18pm
Subject:Re: Security alert: phpmyadmin
View as plain text  
Van wrote:

> Thanks for the heads up.  Should it matter that someone could make a modified
> client for this user if the following are in place?
> 
> 1.      Firewall on MySQL port to DENY all but trusted hosts;
> 2.      No grants for this user except localhost;

running MySQL server with flag --skip-networking even more effective :).
Seriously.

> 3.      Only grant is select on mysql.user for the user in PHPMyAdmin.


-- 
+----------------------------------------------------------------+
| TcX  ____  __     _____   _____  ___                           |
|     /*/\*\/\*\   /*/ \*\ /*/ \*\ |*|     Tõnu Samuel           |
|    /*/ /*/ /*/   \*\_   |*|   |*||*|     tonu@stripped        |
|   /*/ /*/ /*/\*\/*/  \*\|*|   |*||*|     Tallinn, Estonia      |
|  /*/     /*/  /*/\*\_/*/ \*\_/*/ |*|____                       |
|  ^^^^^^^^^^^^/*/^^^^^^^^^^^\*\^^^^^^^^^^^                      |
|             /*/             \*\                Developers Team |
+----------------------------------------------------------------+
Thread
How large a database can mySQL handle?Jeff Schwartz11 Mar
  • Re: How large a database can mySQL handle?Van12 Mar
    • Re: How large a database can mySQL handle?Michael Widenius12 Mar
  • Re: How large a database can mySQL handle?Henrique Pantarotto12 Mar
  • Re: How large a database can mySQL handle?David Sklar12 Mar
  • RE: How large a database can mySQL handle?Brett Error12 Mar
  • Re: Security alert: phpmyadminVan24 Aug
    • Re: Security alert: phpmyadminMichael Widenius28 Aug
  • Re: Security alert: phpmyadminTonu Samuel24 Aug
  • Re: Security alert: phpmyadminEd Wang24 Aug
  • Re: Security alert: phpmyadminRolf Hopkins25 Aug
    • Re: Security alert: phpmyadminBenjamin Pflugmann25 Aug
      • Re: Security alert: phpmyadminVan25 Aug
        • Re: Security alert: phpmyadminBenjamin Pflugmann25 Aug