Package: mysql-server
Version: 4.0.24-5
Severity: grave
Tags: security
Justification: user security hole


The debian-sys-maint user is set up in the postinst to have mostly ALL
PRIVILEGES, WITH GRANT, even. As I understand it (and as the
README.Debian documents), the debian-sys-maint user is mainly used to
"stop the server as they would require knowledge of the mysql root users
password else."

If we give all privileges, with grant, to the debian-sys-maint, why have
such a user at all? Why not simply put the root password there, as there
is not a big difference between the two users anyways?

If I'm missing something, then it should be documented more clearly in
the README.Debian. :)

I've done some tests here and for the init.d script, all that is
required is RELOAD and SHUTDOWN. Some other privileges might be
necessary in other environments, namely replication, but I couldn't test
this here for lack of resources.

This isn't such a grave security concern, but should be considered as a
security problem anyways, because we do not leave "only the necessary"
but allow extra privileges the user doesn't need.

Thank you for your hard work on this excellent package.

A.
-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-k7
Locale: LANG=fr_CA, LC_CTYPE=fr_CA (charmap=ISO-8859-1)

Versions of packages mysql-server depends on:
ii  adduser          3.63                    Add and remove users and groups
ii  debconf          1.4.39                  Debian configuration management sy
ii  gawk             1:3.1.4-2               GNU awk, a pattern scanning and pr
ii  libc6            2.3.2.ds1-20            GNU C Library: Shared libraries an
ii  libdbi-perl      1.46-6                  Perl5 database interface by Tim Bu
ii  libgcc1          1:3.4.3-12              GCC support library
ii  libmysqlclient12 4.0.24-5                mysql database client library
ii  libstdc++5       1:3.3.5-12              The GNU Standard C++ Library v3
ii  libwrap0         7.6.dbs-8               Wietse Venema's TCP wrappers libra
ii  mailx            1:8.1.2-0.20040524cvs-4 A simple mail user agent
ii  mysql-client     4.0.24-5                mysql database client binaries
ii  mysql-common     4.0.24-5                mysql database common files (e.g. 
ii  passwd           1:4.0.3-31sarge1        change and administer password and
ii  perl             5.8.4-8                 Larry Wall's Practical Extraction 
ii  psmisc           21.5-1                  Utilities that use the proc filesy
ii  zlib1g           1:1.2.2-3               compression library - runtime

-- debconf information:
  mysql-server/skip_networking: false
  mysql-server/really_downgrade_from_41: false
  mysql-server/want_chroot: false
* mysql-server/start_on_boot: true
  mysql-server/postrm_remove_databases: false
* mysql-server/mysql_install_db_notes:
  mysql-server/nis_warning:
  mysql-server/mysql_update_hints1:
* mysql-server/postrm_remove_database: false
  mysql-server/fix_privileges_warning:

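As an added example (not part of the bug report and not the package's own postinst code), here are the two grant styles the report contrasts, in MySQL 4.0 GRANT/REVOKE syntax: the broad grant described above beside a least-privilege grant limited to the RELOAD and SHUTDOWN privileges the init.d script was observed to need, followed by a SHOW GRANTS check an administrator can use to audit the account. The host part `localhost` and the password placeholder are assumptions.

```sql
-- Added example, not code from the bug report or the Debian package.
-- Host 'localhost' and '<PLACEHOLDER_PASSWORD>' are assumptions.

-- Overly broad: this is effectively a second root account that can also
-- hand its privileges to other accounts (GRANT OPTION).
GRANT ALL PRIVILEGES ON *.* TO 'debian-sys-maint'@'localhost'
    IDENTIFIED BY '<PLACEHOLDER_PASSWORD>' WITH GRANT OPTION;

-- Least privilege for the stop/reload use case. First strip everything
-- the broad grant gave, including the ability to grant to others.
REVOKE ALL PRIVILEGES ON *.* FROM 'debian-sys-maint'@'localhost';
REVOKE GRANT OPTION ON *.* FROM 'debian-sys-maint'@'localhost';

-- Then grant only the two global privileges the init.d script needs.
-- In MySQL 4.0, GRANT also creates the account if it does not exist yet.
GRANT RELOAD, SHUTDOWN ON *.* TO 'debian-sys-maint'@'localhost'
    IDENTIFIED BY '<PLACEHOLDER_PASSWORD>';

-- Audit: the output should list only RELOAD, SHUTDOWN and no
-- "WITH GRANT OPTION" clause and no database-level rows.
SHOW GRANTS FOR 'debian-sys-maint'@'localhost';
```

If the untested replication case from the report applies in a given deployment, the candidates to add are the replication-specific global privileges (REPLICATION SLAVE and REPLICATION CLIENT, available since MySQL 4.0.2) rather than falling back to ALL PRIVILEGES; whether they are actually required should be verified against that environment's init scripts before granting them.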
