Re: Problem with permissions on Windows in 4.0.11a Gamma?

Tue, 18 Mar 2003 07:47:12 -0800 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Shulman wrote:
> Mark,
>
> Thanks for your note. I did read this page in the manual, especially this
> paragraph.
>
> <<
> The default privileges on Windows give all local users full privileges to
> all databases without specifying a password. To make MySQL more secure, you
> should set a password for all users and remove the row in the mysql.user
> table that has Host='localhost' and User=''.
>
> You should also add a password for the root user. The following example
> starts by removing the anonymous user that has all privileges, then sets a
> root user password:
>
> C:\> C:\mysql\bin\mysql mysql
> mysql> DELETE FROM user WHERE Host='localhost' AND User='';
> mysql> QUIT
> C:\> C:\mysql\bin\mysqladmin reload
> C:\> C:\mysql\bin\mysqladmin -u root password your_password
>
>
> In my example, you will see that I did DELETE FROM user to remove all rows
> where username is blank. However, I did not reload the service. When I did,
> it now looks like the correct behavior is happening.
>
> -ms

If you mess around with the tables in the 'mysql' database, the changes don't take effect until you issue a 'FLUSH PRIVILEGES' command, as the data is cached in memory for speed (it has to be looked up for _every_ query). The 'GRANT' commands due this implicitly.


-Mark

- -- MySQL 2003 Users Conference -> http://www.mysql.com/events/uc2003/

For technical support contracts, visit https://order.mysql.com/?ref=mmma

    __  ___     ___ ____  __
   /  |/  /_ __/ __/ __ \/ /  Mark Matthews <[EMAIL PROTECTED]>
  / /|_/ / // /\ \/ /_/ / /__ MySQL AB, Full-Time Developer - JDBC/Java
 /_/  /_/\_, /___/\___\_\___/ Flossmoor (Chicago), IL USA
        <___/ www.mysql.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.1.90 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+dzvAtvXNTca6JD8RAj+fAKDGkQ+WFRQKLbjG7LP+PkOTj8H8qwCdHKh8
z5R5cp2I2bQTcdVxKhrC9V8=
=Hpyp
-----END PGP SIGNATURE-----


---------------------------------------------------------------------
Before posting, please check:
  http://www.mysql.com/manual.php   (the manual)
  http://lists.mysql.com/           (the list archive)

To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php

Reply via email to