At 0:43 +0700 8/29/02, Arun Khemlai wrote:
>i'm reading section A.4.2 "How to Reset a Forgotten Root Password"
>in the MySQL reference manual and have a doubt. hope u gurus
>the manual states tht one can set a new password by taking
>the server down and restarting it again with the "skip-grant-tables" option.
>then assign a new pwd.
>so i tried and it did work (of coz, it's the reference manual).
>now i have all privileges (r/w) for all databases/tables.
>this doesn't make sense to me somehow: on windows everyone can kill the
>server using the task manager. this means, by following the above
>one would be able t make change to a table/database that he/she doesn't
>to do so. is it correct?
Sure. Someone who has physical access to your machine can do whatever
they want with it. This is true of any OS, not just Windows, and it's
true for any application, not just MySQL.
>so my question is, is it possible to prevent this to happen.
>surely i don't want whoever used to read the manual remove the
>"all-data-is-here" table in my killing business app.
Prevent physical access to your machine, for starters.
>Gesendet von Yahoo! Mail - http://mail.yahoo.de
>Mchten Sie mit einem Gruþ antworten? http://grusskarten.yahoo.de