Firstly mysql security has no relationship with system security.
Secondly, what are you trying to do? Is your machine to be a development
server only while the "client" is the main production server? If not, then
the client machine is a true client and there is no need to install the
mysql server on that machine. You would then use the -h flag to connect to
your server machine.
If your client is really a production server, look up flush privileges in
the manual or restart the mysql server.
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, February 27, 2001 7:51
Subject: mysql.user puzzler
>
> Hi,
>
> I'm deploying a solution that uses Mysql to a number
> of machines. Because I don't want to set passwords and
> shutdown access to anonymous users by hand on each
> machine, and because I don't want the security problems
> associated with having scripts with passwords in plaintext
> lying around these machines, I've decided to deploy a set
> of pre-configured database tables along with my app.
>
> Now for the puzzler: identical tables behave differently
> on different machines!
>
> On my build machine, I have a mysql.user table set up
> with four entries: one is for root@localhost, and the
> other three are for a user I created coming from localhost,
> plus two other domains. All entries have passwords set,
> with root having full global permissions, and the other
> user having none, as recommended in the docs. There are
> three entries in the db table for my special user so
> that it can access a separate database, and nothing in
> my host table. This special user doesn't exist in the
> /etc/password file, and so doesn't map to any UID. It
> all behaves as you'd expect. There's no anonymous access,
> either read or write. In fact, I can't even bring up the
> monitor without a password.
>
> Now to my target machine. I have the same tables -- right
> down to the same encrypted passwords -- but anyone with
> a shell can waltz right in and start the monitor. If you
> do a "mysql -u root", no password, you can edit the grant
> tables. Mysqlaccess reports that both root and my special
> user require passwords.
>
> What am I missing here? Anybody have a guess?
>
> Both build and deployed machines are running 3.23.31, and
> identical Debian distros.
>
> Thanks in advance,
>
> Polly Powledge
> [EMAIL PROTECTED]
>
> ---------------------------------------------------------------------
> Before posting, please check:
> http://www.mysql.com/manual.php (the manual)
> http://lists.mysql.com/ (the list archive)
>
> To request this thread, e-mail <[EMAIL PROTECTED]>
> To unsubscribe, e-mail
<[EMAIL PROTECTED]>
> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
