List:General Discussion« Previous MessageNext Message »
From:Paul DuBois Date:March 4 2003 3:36am
Subject:Re: default installation and security question
View as plain text  
At 7:53 -0800 3/3/03, Nicole Lallande wrote:
>I have been working with a software provider whose software db 
>configuration uses the default mysql installation (ie, root, no 
>password).  They contend that since the mysql server itself is not 
>shared (ie, installed on a vps for a single user) that there is no 
>need to add a password.  Are they correct?  All the documentation I 
>have every read recommends at the very least immediately adding a 
>password. Please advise.

No.  They're incorrect.

Running as root is an invitation for trouble.
Running without a password is an invitation for trouble.

>Best regards,

default installation and security questionNicole Lallande3 Mar
  • Re: default installation and security questionPaul DuBois4 Mar