[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [d-security] Re: root's home world readable


On Mon, Jan 21, 2002 at 03:23:15PM -0800, Thomas Bushnell, BSG wrote:
> If it's a way to get "the logs" to rotate, that sure sounds like a
> system-wide option.  If it's a root password to a system-wide
> database, then that's also a system-wide option.  
The password for the mysql root user is not property of the system wide
configuration as I can't force the user to change a file in /etc
every time they change the users password and, due to mysqls default to
use the mysql user of the same name as the system user you are logged in
it would be unconvinient for the user to have to log into mysql as
something other.

With "functionality" I not only meant log rotating but also shutting down
the server at upgrades and deinstalles as I don't want to just kill the
processes although last time I checked the code was the same.

So I end up with a debian specific user with shutdown/reload privileges 
that's created with a random (saved) password at installtime as the best
solution, or?



P.S.: Further discussion via BTS (off topic here). thanks.

Reply to: