I might be wrong, but the first thing I always do immmediately after installation is delete any anonymous user. There is really no need for any extra account from security point of view.
This also means that one entry f.e [EMAIL PROTECTED] would be enough as the "%" contains any host (including the localhost). Anybody, please correct me if I am talking rubish ;-) Best regards Nils Valentin Tokyo/Japan 2003年 5月 29日 木曜日 03:45、D Crompton さんは書きました: > Taken from manual: > > mysql> GRANT ALL PRIVILEGES ON *.* TO [EMAIL PROTECTED] > > -> IDENTIFIED BY 'some_pass' WITH GRANT OPTION; > > mysql> GRANT ALL PRIVILEGES ON *.* TO monty@"%" > > -> IDENTIFIED BY 'some_pass' WITH GRANT OPTION; > > A full superuser who can connect to the server from anywhere, but who must > use a password 'some_pass' to do so. Note that we must issue GRANT > statements for both [EMAIL PROTECTED] and monty@"%". If we don't add the > entry with localhost, the anonymous user entry for localhost that is > created by mysql_install_db will take precedence when we connect from the > local host, because it has a more specific Host field value and thus comes > earlier in the user table sort order. > > > ----------------------------- > > The above implies you should have 2 permissions for every user, i.e. one > for > local and one for % > > Is this really necessary? > > We have root user and one other user called mark. A lookup therefore > shows 4, 2 for each: > > [EMAIL PROTECTED] > [EMAIL PROTECTED] > > [EMAIL PROTECTED] > [EMAIL PROTECTED] > > > Should we really have 2 permissions for every user?. Doesn't the root just > need access to localhost only?. -- ================================================ Valentin Nils Internet Technology E-Mail: [EMAIL PROTECTED] URL: http://www.knowd.co.jp/staff/nils ------------------------------------------------ 有限会社ナレッジデザイン 〒182-0024 東京都調布市布田4-6-1 調布丸善ビル7F Phone: 0424-40-7912 Fax: 0424-40-7913 URL: http://www.knowd.co.jp ================================================ -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
