MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:Jonathan Perkin Date:August 24 2007 11:08am
Subject:bk commit into 5.0 tree (jperkin:1.2491) BUG#27692
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of jperkin. When jperkin does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2007-08-24 13:08:50+02:00, jperkin@stripped +2 -0
  Restore creation of test databases and the anonymous user which
  were accidentally removed during a previous rototill of this
  code.  Fixes bug#27692.
  
  While it can be argued we should strive to provide a 'secure by
  default' installation, this happens to be the setup currently
  documented in the manual as the default, so defer changes that
  improve security out of the box to a co-ordinated effort later
  on.
  
  For now, make a note about the test databases and anonymous user
  in mysql_install_db and recommend that mysql_secure_installation
  be ran for users wishing to remove these defaults.

  scripts/mysql_install_db.sh@stripped, 2007-08-24 12:20:26+02:00, jperkin@stripped +7 -0
    Point users at the mysql_secure_installation script.

  scripts/mysql_system_tables_data.sql@stripped, 2007-08-24 12:02:58+02:00, jperkin@stripped +2 -0
    Add anonymous accounts.

diff -Nrup a/scripts/mysql_install_db.sh b/scripts/mysql_install_db.sh
--- a/scripts/mysql_install_db.sh	2007-07-27 15:05:51 +02:00
+++ b/scripts/mysql_install_db.sh	2007-08-24 12:20:26 +02:00
@@ -371,7 +371,14 @@ then
     echo "To do so, start the server, then issue the following commands:"
     echo "$bindir/mysqladmin -u root password 'new-password'"
     echo "$bindir/mysqladmin -u root -h $hostname password 'new-password'"
+    echo
+    echo "Alternatively you can run the $bindir/mysql_secure_installation"
+    echo "script which will also give you the option of removing the test"
+    echo "databases and anonymous user created by default.  This is"
+    echo "strongly recommended for production servers."
+    echo
     echo "See the manual for more instructions."
+    echo
 
     if test "$in_rpm" -eq 0
     then
diff -Nrup a/scripts/mysql_system_tables_data.sql b/scripts/mysql_system_tables_data.sql
--- a/scripts/mysql_system_tables_data.sql	2007-04-26 16:31:19 +02:00
+++ b/scripts/mysql_system_tables_data.sql	2007-08-24 12:02:58 +02:00
@@ -17,5 +17,7 @@ CREATE TEMPORARY TABLE tmp_user LIKE use
 INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
 REPLACE INTO tmp_user VALUES (@@hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
 REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+INSERT INTO tmp_user (host,user) VALUES ('localhost','');
+INSERT INTO tmp_user (host,user) VALUES (@@hostname,'');
 INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
 DROP TABLE tmp_user;
Thread
bk commit into 5.0 tree (jperkin:1.2491) BUG#27692Jonathan Perkin24 Aug