MySQL user 'root' without password is fine?!

Robert Scheck fedora-list.listman at linuxnetz.de
Mon Nov 3 21:58:23 UTC 2003


Hello,

Playing around with the latest MySQL from Rawhide, I noticed that there is
a bug or a problem in the new MySQL init script.

My "problem" was that I set a password for the MySQL user 'root', and so the
original new init script fails.

I posted that at Bugzilla; my posting is closed now, because supposedly all
works fine and it isn't a problem...

I personally think that's brash!

It is a pity that the Bugzilla report can only be read by the group
'rhnpm', so I took the liberty of posting it here again ;-)

BTW: The original report was: #108779

If I read everything correctly, you don't need a password for the MySQL user 'root'
- that's fine and it's no security hole - really nice! :-/

On a test system I installed Fedora Core 1 with the current mysql - NOTHING
changed:

mysql> SELECT HOST,USER,PASSWORD FROM user;
+-------------+------+----------+
| HOST        | USER | PASSWORD |
+-------------+------+----------+
| localhost   | root |          |
| sirendipity | root |          |
| localhost   |      |          |
| sirendipity |      |          |
+-------------+------+----------+
4 rows in set (0.01 sec)

$ netstat -alpen | grep mysql
tcp        0      0 0.0.0.0:3306 0.0.0.0:*               LISTEN      0          346662     19079/mysqld

It's good to know that there isn't any security problem here, either.

10.0.0.2 = sirendipity

# mysql -h 10.0.0.2 -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 3.23.58

So root still has to set a password, as you can read at SecurityFocus:

  http://www.securityfocus.com/infocus/1726

I actually consider the current default configuration of mysql and the
init script to be an outright misconfiguration.

In my eyes NOTHING is okay - that doesn't fit with the other Red Hat security
patches and settings!

So what's up?! Could someone explain to me why my message was treated so
wrongly?


--- snipp from Bugzilla #108779 ---
Opened by (Robert Scheck) on 2003-11-01 16:56

Description of problem, how reproducible and steps to reproduce:
# service mysqld restart
Stopping MySQL:                                            [  OK  ]
Timeout error occurred trying to start MySQL Daemon.
Starting MySQL:                                            [FAILED]
#
It only displays an error, but mysqld lives!

Version-Release number of selected component (if applicable):
mysql-3.23.58-4

Actual results:
If I do a mysqladmin ping at my system I get the following:
# mysqladmin ping
mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user: 'root@localhost' (Using password: NO)'
#

I have to use a password:
# mysqladmin -u root -p ping
Enter password:
mysqld is alive
#

Or I have to use the MySQL user:
# mysqladmin -u mysqld ping
mysqld is alive
#

Expected results and additional info:
The error is caused by this section:

> # Spin for a maximum of ten seconds waiting for the server to come up
> if [ $ret -eq 0 ]; then
>     for x in 1 2 3 4 5 6 7 8 9 10; do
>         if [ -n "`/usr/bin/mysqladmin ping 2> /dev/null`" ]; then
>             break;
>         else
>             sleep 1;
>         fi
>     done
>     if !([ -n "`/usr/bin/mysqladmin ping 2> /dev/null`" ]); then
>         echo "Timeout error occurred trying to start MySQL Daemon."
>         action $"Starting $prog: " /bin/false
>     else
>         action $"Starting $prog: " /bin/true
>     fi
> else
>     action $"Starting $prog: " /bin/false
> fi

You can't do it that way - you've seen it above!
I added a new init script solving that problem.
And I think it's ugly to use "2> /dev/null" in a Bash script...

---

Additional Comment #1 From Robert Scheck on 2003-11-01 17:02 

Created an attachment (id=95652)
Fix for mysqld for /etc/init.d

---

Additional Comment #2 From Kim Ho on 2003-11-03 11:20  

I am having problems reproducing this problem.

[root@tomaluk init.d]# service mysqld start
Initializing MySQL database:                               [  OK  ]
Starting MySQL:                                            [  OK  ]
[root@tomaluk init.d]# mysqladmin ping
mysqld is alive
[root@tomaluk init.d]#
[root@tomaluk init.d]# service mysqld restart
Stopping MySQL:                                            [  OK  ]
Starting MySQL:                                            [  OK  ]
[root@tomaluk init.d]# service mysqld stop
Stopping MySQL:                                            [  OK  ]
[root@tomaluk init.d]#

The only way I was able to reproduce it was:

mysql> select user,host from user;
+------+----------------------------+
| user | host                       |
+------+----------------------------+
|      | localhost                  |
| root | localhost                  |
|      | tomaluk.toronto.redhat.com |
| root | tomaluk.toronto.redhat.com |
+------+----------------------------+
4 rows in set (0.00 sec)

mysql> delete from user where user='';
Query OK, 2 rows affected (0.00 sec)

mysql> \q
Bye
[root@tomaluk init.d]# mysqladmin ping
mysqld is alive
[root@tomaluk init.d]# service mysqld restart
Stopping MySQL:                                            [  OK  ]
Timeout error occurred trying to start MySQL Daemon.
Starting MySQL:                                            [FAILED]
[root@tomaluk init.d]# mysqladmin -u root ping
mysqld is alive

Please let me know if the users in mysql have been changed (e.g. the
removal of anonymous users).

---

Additional Comment #3 From Robert Scheck on 2003-11-03 11:37 

mysql> select user,host from user;
+---------+-----------+
| user    | host      |
+---------+-----------+
| root    | hurricane |
|         | localhost |
+---------+-----------+

Well, I only gave root a password...
And it's correct to give mysql-root a password, because that is explicitly
written in the mysql documentation!

---

Additional Comment #4 From Robert Scheck on 2003-11-03 11:45 

Have a look at the documentation:
http://www.mysql.de/doc/en/Default_privileges.html

---

Additional Comment #5 From Kim Ho on 2003-11-03 14:05  

The defaults work fine.

If you change the settings, then you will have to make the appropriate
changes in the scripts.

---

Additional Comment #6 From Robert Scheck on 2003-11-03 15:38 

The default works fine, as long as the admin doesn't change the password
for the mysql root user.

But as described in the MySQL admin documentation, everybody _must_ change
this, in order to close a security hole:
> Because your installation is initially wide open, one of the first
> things you should do is specify a password for the MySQL root user.
> You can do this as follows (note that you specify the password
> using the PASSWORD() function):

> Try mysql -u root. If you are able to connect successfully to the
> server without being asked for a password, you have problems.
> Anyone can connect to your MySQL server as the MySQL root user with
> full privileges! Review the MySQL installation instructions, paying
> particular attention to the item about setting a root password.

One solution would be to create a "dummy" mysql user restricted to
localhost and with no rights.

Another solution would be to remove the new changes and to live without a
check of whether the mysql server is running or not.

And could you please remove the binding in bugzilla to the group rhnpm?
Thank you very much. I think that's interesting for other users, too.

---

Additional Comment #7 From Kim Ho on 2003-11-03 15:54  

No.. if everyone _HAS TO_ change this, it would have been part of
setting up MySQL.

It is not part of the defaults of MySQL and therefore, we will not be
changing it.
--- snapp from Bugzilla #108779 ---


Yours sincerely,

Robert
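The wait loop quoted in the report, reworked as an added example (not Fedora's init script and not the attachment from the bug) so that it does not depend on the MySQL root account having no password: a server that answers "Access denied" is running, and only a connect failure means it is not. It assumes /usr/bin/mysqladmin is present; the sample outputs are constructed from the messages quoted above.

```shell
#!/bin/sh
# Added example, not the Fedora init script: a liveness check for mysqld that
# works whether or not the MySQL root user has a password.
#
# The loop quoted in the bug treats empty output from `mysqladmin ping` as
# "server not running". A server that rejects the unauthenticated client prints
# "Access denied ..." on stderr, which the script discards with 2>/dev/null, so
# a correctly secured server is reported as a start failure.

# Classify the combined stdout+stderr text of `mysqladmin ping` ($1).
# Returns 0 if the server answered at all, 1 if nothing was reachable.
mysqld_alive_from_output() {
    case "$1" in
        *"mysqld is alive"*) return 0 ;;  # ping authenticated and succeeded
        *"Access denied"*)   return 0 ;;  # server is up, it just refused us
        *)                   return 1 ;;  # socket missing, connect failed, etc.
    esac
}

# Poll for up to $1 seconds (default 10). Assumes /usr/bin/mysqladmin exists;
# no MySQL credentials are needed, so the root password is irrelevant.
wait_for_mysqld() {
    limit=${1:-10}
    i=0
    while [ "$i" -lt "$limit" ]; do
        out=$(/usr/bin/mysqladmin ping 2>&1)
        if mysqld_alive_from_output "$out"; then
            return 0
        fi
        sleep 1
        i=$((i + 1))
    done
    return 1
}

# Constructed sample outputs, modelled on the messages quoted in the report.
ALIVE_OUT='mysqld is alive'
DENIED_OUT="mysqladmin: connect to server at 'localhost' failed
error: 'Access denied for user: 'root@localhost' (Using password: NO)'"
DOWN_OUT="mysqladmin: connect to server at 'localhost' failed
error: 'Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2)'"

for sample in "$ALIVE_OUT" "$DENIED_OUT" "$DOWN_OUT"; do
    if mysqld_alive_from_output "$sample"; then
        echo "alive <- $sample"
    else
        echo "down  <- $sample"
    fi
done
```

Dropping an init script to an anonymous or dummy account, as comment #6 suggests, is the other way out; this variant avoids needing any account at all.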
