On Wed, Feb 18, 2009 at 5:56 PM, Kevin Kofler <kevin.kofler@xxxxxxxxx> wrote: > Aldo Foot wrote: >> So you're suggesting that because you have a firewall it's ok to >> have accounts without passwords? My sense of system security is >> very different from your own... so maybe it's ok with you. >> BTW - the accounts I was referring to are those created by mysql, which >> are different from the system accounts. >> And yes, I know how installs and firewall relate. > > The "account" is only accessible for the current user, the mysqld is > configured to only listen on a local Unix socket only accessible to the > current user. So there's no security risk whatsoever at all. > > Kevin Kofler Thanks for the explanation. Maybe I'm a bit paranoid about no passwords on any account type As Rick pointed out this idea I introduced is not inline withe the OP's question, but I'll just throw this in: Remember that when one installs mysql there is a warning to give a password to the root account --this is what I initially had in mind. Just for reference: http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html "Accounts with the user name root are created. These are superuser accounts that can do anything. The initial root account passwords are empty, so anyone can connect to the MySQL server as root — without a password — and be granted all privileges." I believe the above refers to a local login and not coming from a TCP connection. I should have made the distinction earlier. My bad. Anyways... it could be problematic to have a bunch of records and have some account with full access wipe things out. it's been a long day. ~af -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
