Hi All, I am not sure if I am alarming myself unnecessarily, but this is what I observed:
Login as e.g. mick; (this is a unix acccount) mysql -u root -p Enter password: XXXXXX mysql> GRANT ALTER, CREATE, CREATE TEMPORARY TABLES, CREATE VIEW, INDEX, INSERT, SELECT, UPDATE ON database1.* TO 'db_user1'@'localhost' IDENTIFIED BY 'passwd1'; Query OK, 0 rows affected (0.00 sec) mysql> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) mysql>quit Now if I login into database1 as db_user1 and then press the up arrow key at the mysql> prompt I end up seeing all the previous commands that I ran as root, including the 'passwd1'!!! Isn't this a rather serious security problem? How could I do it differently? -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
