Kieran Kelleher wrote:
Here is the user, host and password fields from one of my MySQL servers named TestServer
mysql> select user, host, password from user; +------------+------------+------------------+ | user | host | password | +------------+------------+------------------+ | root | localhost | hekw8838hdd8938d | | root | TestServer | | | | localhost | | | | TestServer | | | root | 192.% | hekw8838hdd8938d | +------------+------------+------------------+ 6 rows in set (0.03 sec)
The first and last entries were created by me and are fine.
The 3rd and fourth are default entries which block everyone access (all the privileges are 'N' for those
But what about the second entry? I did not create it .... is it a security risk since it has no password? I tested it to be sure and cannot even log in on the local machine using the host parameter 'TestServer'....
The first four entries were created by default (mysql_install_db), and you followed the directions to set a password for the first one. The second entry says root can connect via tcp *from* the machine with hostname TestServer with no password. Presumably, TestServer is (or was) the hostname of your machine.
TestServer:~ admin$ mysql -u root -h TestServer -p
Here you try to connect via tcp *to* the mysql server on the machine with hostname TestServer.
Enter password: ERROR 2005: Unknown MySQL Server Host 'TestServer' (1) TestServer:~ admin$
Apparently, TestServer is not running mysqld, or couldn't be found. I'd guess a DNS lookup on TestServer failed to retrieve an IP.
Does the mysql daemon use this particular one for access??
Since root can connect from localhost (line 1) and from any machine on the local net (192.%, line 5), you can safely remove the [EMAIL PROTECTED] user. It is my impression that most people also remove the two anonymous users (lines 3 and 4).
Michael
-- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
