On Wed, Feb 18, 2009 at 4:59 PM, Arthur Pemberton <[email protected]> wrote: > On Wed, Feb 18, 2009 at 6:22 PM, Aldo Foot <[email protected]> wrote: >> On Tue, Feb 17, 2009 at 10:32 PM, Arthur Pemberton <[email protected]> wrote: >>> I have yet to see what is so special about MySQL that makes having it >>> such a big issue. >> >> If anything at all: default accounts must be deleted or secured with >> passwords. > > Ok, bare with me awhile, but ... why? Or are you securing against > users who turn off their firewall? > > Because with a firewall up, an attacker would need to already have > access to the machine... in which case having passwords on MySQL is > useless. > > Installing mysql-server does not open your firewall.
So you're suggesting that because you have a firewall it's ok to have accounts without passwords? My sense of system security is very different from your own... so maybe it's ok with you. BTW - the accounts I was referring to are those created by mysql, which are different from the system accounts. And yes, I know how installs and firewall relate. ~af -- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
