[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

mysql admin user (was: root's home world readable)


On Mon, Jan 21, 2002 at 03:35:14PM -0800, Thomas Bushnell, BSG wrote:

[cutted much to answer all below]
> > So I end up with a debian specific user with shutdown/reload privileges 
> > that's created with a random (saved) password at installtime as the best
> > solution, or?
> Nope.  Probably the user should need to be root (or some other generic
> user), but the files that are manipulated to accomplish
> shutdown/reload and so forth should all be in /etc.
Nope (to your nope, because what you argument does in no way contradict
my proposals, and the english wasn't that bad :-))

But to clear things up:
I create a Debian specific users with all privileges that my Debian scripts
need and then store this user's password in plaintext (necessary) in /etc.
That's all I need as mysql now lets me specify config files everywhere so
I don't have to give them via command line or similar which show up in "ps".

I won't fiddle around with the (mysql)root's password outside of /root 
because a common admin wouldn't expect that. (All mysql clients default to
connect you with your $USER name so root normally is mysql user "root",
So there really are no problems (



  This doesn't belong to a security mailing list...

Reply to: