Security annoucement mailing-list ?
Hi, is it possible to create (I don't think it already exists) a mailing-list just for security problems about MySQL. I'm very concerned about the security of my web sites, and I rely on MySQL to provide dynamic content. So, for the moment, I must subscribe to the general list and receive tons of messages just to see sometimes a security annoucement (like the recent buffer-overflows) Does anybody share my point of view about this security-only list ? Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Security annoucement mailing-list ?
I'd rather see them sent to the MySQL announcements list. It is already VERY low-traffic, and that seems like appropriate content. No sense creating another list just for the VERY occasional announcements when we already have one [mostly] for that purpose. It seems to be a good idea. My main concern is to avoid the numerous messages of the general list, not to create a new, dedicated list. Are the security info sent to the Announcement list ? (if it is the case, i will subscribe to it and unsubscribe of the general one) Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: mysql -u root WITHOUT password !
RENAULT Laurent a crit : I don't have mySQL root password ! Is the solution do a backup of databases and cleanup mysql install and re-install it ? If you have Unix root access, you can edit the table where is stored the encrypted password, and put a new one ... You can too re-install MySQL Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re: Mysql and security?
msquared a crit : Perhaps you want to distribute a CD full of databases, and people buy access to specific databases. access = password IMHO, this method can't protect the content of the CD. Hace a closer look : - you have read acces to the CD (files-level read access), but your MySQL server asks for a password when you want to read a particular table. - so, copy the content of the CD to hard-disk (included privs database) - edit manually (vi -b) the passwords table, replace the existing encrypted password with one you know the clear text - use MySQL with the table stored on the hard-disk - you are prompted for a password, enter yours - you have access to the CD content without the original password ( you have just win some maps of Australia :) I think it would work Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Security issue
Hi, Still not any info about the buffer-overflow discovered last week ? Shouldn't be fixed at the beginning of the week ? Please, dear MySQL team, give us info !! Regards, Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
Re : mysql security issue, overflow
Sergei Golubchik a crit : Hi! On Jan 12, Joo Gouveia wrote: Hi, I believe i've found a problem in MySql. Here are some test's i've made in 3.22.27 x86( also tested on v3.22.32 - latest stable, although i didn't debug it, just tested to see if crashes ). Confirmed up to latest 3.23 This will be fixed ASAP! Is it fixed now ? Is there a patch available ? Please give us info, our servers are in the wild Nicob - Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail [EMAIL PROTECTED] To unsubscribe, e-mail [EMAIL PROTECTED] Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php