Absolutely this is nothing short of bad admining....Ibet you could scag in their
passwd file and has root access in short order...;( And of course the ISP will blame
mysql if anything happens to them though...lazy bad ISP
cheers,
mikel
Donald Korth wrote:
> Hello !!!!
>
> The hosting company has given me a user name and passwd . When i log into my own
>site thro' a telnet session i 'm able to view all the databases created in the server
>that includes DBs not created by me . I also did a "USE DB" command to connect to a
>DB that wasn't mine . Also "Show tables" faithfully listed all the tables in the DB .
>I even was able to run a "SELECT " on a login table table to list all the user names
>and passeords listed with the company .
> What do i make of it ???? An admin lapse or a inherent limitation of MySQL as the
>support guy makes it out . But the latter is hard to believe.
> Any suggestions on how to make my DB invisible on other Logins ?????
> Any help will be deeply appreciated .
> Regards
> Donald
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
