| List: | General Discussion | « Previous MessageNext Message » | |
| From: | Rolf Hopkins | Date: | August 25 2000 12:34am |
| Subject: | Re: Security alert: phpmyadmin | ||
| View as plain text | |||
> Michael Widenius wrote: > > > > The encrypted password is the real password in MySQL; The password is > > only encrypted to not let one guess your real password; > > Does this mean that when connecting to MySQL using perl (or even the > MySQL client) over a network, the following occurs? > > DBD::mysql first encrypts the password. > It then sends the encrypted password to the MySQL server. > The MySQL server compares it to the stored encrypted password. > If they match, let the user in. > > If so, couldn't someone sniff the packets and get the encrypted password > anyway? I would have thought that the password would get sent to the mysql server before being encrypted for comparison!!! Cheers Rolf
| Thread | ||
|---|---|---|
| • How large a database can mySQL handle? | Jeff Schwartz | 11 Mar |
| • Re: How large a database can mySQL handle? | Van | 12 Mar |
| • Re: How large a database can mySQL handle? | Michael Widenius | 12 Mar |
| • Re: How large a database can mySQL handle? | Henrique Pantarotto | 12 Mar |
| • Re: How large a database can mySQL handle? | David Sklar | 12 Mar |
| • RE: How large a database can mySQL handle? | Brett Error | 12 Mar |
| • Re: Security alert: phpmyadmin | Van | 24 Aug |
| • Re: Security alert: phpmyadmin | Michael Widenius | 28 Aug |
| • Re: Security alert: phpmyadmin | Tonu Samuel | 24 Aug |
| • Re: Security alert: phpmyadmin | Ed Wang | 24 Aug |
| • Re: Security alert: phpmyadmin | Rolf Hopkins | 25 Aug |
| • Re: Security alert: phpmyadmin | Benjamin Pflugmann | 25 Aug |
| • Re: Security alert: phpmyadmin | Van | 25 Aug |
| • Re: Security alert: phpmyadmin | Benjamin Pflugmann | 25 Aug |