KDE 4.2 requires local MySQL Server
Aldo Foot
lunixer at gmail.com
Thu Feb 19 02:16:30 UTC 2009
On Wed, Feb 18, 2009 at 5:56 PM, Kevin Kofler <kevin.kofler at chello.at> wrote:
> Aldo Foot wrote:
>> So you're suggesting that because you have a firewall it's ok to
>> have accounts without passwords? My sense of system security is
>> very different from your own... so maybe it's ok with you.
>> BTW - the accounts I was referring to are those created by mysql, which
>> are different from the system accounts.
>> And yes, I know how installs and firewall relate.
>
> The "account" is only accessible for the current user, the mysqld is
> configured to only listen on a local Unix socket only accessible to the
> current user. So there's no security risk whatsoever at all.
>
> Kevin Kofler
Thanks for the explanation. Maybe I'm a bit paranoid about no passwords on
any account type
As Rick pointed out this idea I introduced is not inline withe the
OP's question, but
I'll just throw this in:
Remember that when one installs mysql there is a warning to give a password
to the root account --this is what I initially had in mind.
Just for reference:
http://dev.mysql.com/doc/refman/5.0/en/default-privileges.html
"Accounts with the user name root are created. These are superuser
accounts that can do anything. The initial root account passwords are
empty, so anyone can connect to the MySQL server as root — without a
password — and be granted all privileges."
I believe the above refers to a local login and not coming from a TCP
connection. I should have made the distinction earlier. My bad.
Anyways... it could be problematic to have a bunch of records and have some
account with full access wipe things out.
it's been a long day.
~af
More information about the fedora-list
mailing list