Hello Takacs, Monday, January 21, 2002, 1:42:06 PM, you wrote:
TI> I want to secure our MySQL DB as much as possible. TI> In the freshly installed DB I have found two records in TI> the mysql.user which has no value in the User and TI> Password field; TI> --+-----------+------------+-----------------+------------+------------+ TI> | Host | User | Password | Select_priv | Insert_priv | TI> Update_priv | TI> Delete_priv | Create_priv | Drop_priv | Reload_priv | Shutdown_priv | TI> Process_pri TI> v | File_priv | Grant_priv | References_priv | Index_priv | Alter_priv | TI> +-----------+-------+------------------+-------------+-------------+-------- TI> -----+ TI> | localhost | root | 1500fab725e6f823 | Y | Y | Y TI> | TI> Y | Y | Y | Y | Y | Y TI> | Y | Y | Y | Y | Y | TI> | server | root | 1500fab725e6f823 | Y | Y | Y TI> | TI> Y | Y | Y | Y | Y | Y TI> | Y | Y | Y | Y | Y | TI> | localhost | | | N | N | N TI> | TI> N | N | N | N | N | N TI> | N | N | N | N | N | TI> | server | | | N | N | N TI> | TI> N | N | N | N | N | N TI> | N | N | N | N | N | TI> Should I delete these records? Or are these for any TI> administrative purposes? Don't be afraid. These are default records in mysql.user and all priv_types are set to 'N'. It doesn't make a security flaw. -- For technical support contracts, goto https://order.mysql.com/ This email is sponsored by Ensita.net http://www.ensita.net/ __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Victoria Reznichenko / /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED] /_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.net <___/ www.mysql.com --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
