Jump to content


Photo

Newbie on simple security setting


  • Please log in to reply
3 replies to this topic

#1 WildCard#!

WildCard#!
  • New Members
  • Pip
  • Newbie
  • 2 posts
  • LocationWales

Posted 27 December 2003 - 02:27 AM

Hi new to MySQL. Everything is a bit of a blur at the moment. Through time though hopefully I understand it. I installed the killer trio (Apache, PHP, MySQL) and seem to have done it with success. The problem I am facing at the moment is that it is about security on MySQL. I have set a root password and also set a password for my username. However I can still get in thorugh by using any made up usernames. Eg shell> mysql -h localhost -u BlahBlahwhateveretc and it accesses the MySQL Monitor. I have looked at the manual but does not explain clearly how to resolve this. I just want my 1 username with a password to access it and anything else to be denied, (apart from root of course).

Any help would be much appreciated, thanks. :D

#2 gizmola

gizmola
  • Administrators
  • Advanced Member
  • 4,664 posts
  • LocationLos Angeles, CA USA

Posted 27 December 2003 - 07:53 AM

Get into the database and use mysql;

Select * from users;

Look for a * in the user name column and remove that row in the table. After doing so you may have to flush priveleges;

#3 WildCard#!

WildCard#!
  • New Members
  • Pip
  • Newbie
  • 2 posts
  • LocationWales

Posted 28 December 2003 - 04:35 PM

Diamond, cheers I done it, much appreciated. I also found this in the manual somewhere.

DELETE FROM mysql.user WHERE user=\'username\' and host=\'hostname\';
FLUSH PRIVILEGES;

However I had to do this instead

DELETE FROM mysql.user WHERE user=\'\';
FLUSH PRIVILEGES;

I deleted two records in the mysql table. Hopefully the one record wasn\'t that important. It had a NULL username and \"localhost\" as the host.

Maybe I\'ll find out down the line. :?

#4 gizmola

gizmola
  • Administrators
  • Advanced Member
  • 4,664 posts
  • LocationLos Angeles, CA USA

Posted 29 December 2003 - 08:20 AM

That sounds good. I don\'t think you want one with a NULL username.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users