I would be wary of disabling version(). That's the kind of annoying thing that sys admins do when they don't understand the life of a developer. Some programs and modules require the version() function to work. Security to that extreme is only useful if you understand that it may cause more downtime than a breakin. If that is understood and the time/money spent is worth it, then that is fine.
I can only see this kind of security necessary for medical or classified information. > -----Original Message----- > From: Joseph Bueno [mailto:[EMAIL PROTECTED] > Sent: Monday, March 24, 2003 11:39 AM > To: Florian Effenberger > Cc: [EMAIL PROTECTED] > Subject: Re: disabling version number > > > Florian Effenberger wrote: > >>No, why? > > > > > > Part of my security concept, I generally disable all > version numbers. > > > > > You can patch mysql source and recompile ;) > > However, if someone has enough access rights on your system to run > "select version();", showing mysql version number should be the least > important of your problems. > > Regards, > Joseph Bueno > > -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
