13 Aug
2002
13 Aug
'02
8:56 a.m.
Rabus wrote:
----- Original Message -----
From: "Marc Delisle" <Delislma(a)CollegeSherbrooke.qc.ca>
MySQL ships with this configuration as default to make the first access
easy. But of course this is not meant to be left like this after the server
has been configured.
Done!
--
Marc Delisle
Robin Johnson wrote:
>Hi Guys,
>
>
>And other nefarious things. I found a few sites where I could access
>
their
>entire database with full rights, even some
where they have configured
>
the
user to
root and I could change the mysql database.
I know at least one distribution of Linux that installs MySQL with user
root and no password.
Let's add a red warning when we detect that
they are using 'config' auth
mode, with a blank password, to try to educate the admin of this system.
I agree.