Re: MySQL users question
You may not have been hacked. The default setup is rather insecure. Here are some things to note.
Access to your machine is controlled by these fields in mysql.user:
user -- login name
host -- where he is coming from
password -- encrypted version of his password, or '' if no password.
host='localhost' -- applies to the machine where the server is
host='%' -- anywhere
In addition, if all the Priv columns are 'N', then it will recognize the user, but not allow him to do anything. Some of the 'extra' rows may be like this.
Further, when doing something like this (which is highly advised for every application on your server):
GRANT ... ON dbname.* TO user@'%' IDENTIFIED BY '...';
mysql.user will show all 'N' for Privs, but
mysql.db will show the actual Privs for `dbname`.
When looking for hackers, look especially for
Priv_grant = 'Y'
Priv_super = 'Y'
Those two privileges should be guarded most carefully. It is probably best to have those granted only to root@localhost, and have a non-trivial password for 'him'.
June 07, 2011 10:13AM
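The checks described in the post above, written as queries against the grant tables. This is an added example, not part of the original post: the columns appear in the tables as Grant_priv and Super_priv, a MySQL 5.x-era schema is assumed (mysql.user still has a Password column), and 'appuser' is a hypothetical account name.

```sql
-- Added example: audit the grant tables for the conditions the post lists.
-- Assumes a MySQL 5.x-era schema where mysql.user has a Password column.

-- 1. Global accounts that deserve a second look: no password, anonymous
--    user, reachable from any host, or holding GRANT/SUPER while not
--    being root@localhost.
SELECT User,
       Host,
       IF(Password = '', 'YES', 'no') AS empty_password,
       IF(User = '',     'YES', 'no') AS anonymous,
       IF(Host = '%',    'YES', 'no') AS any_host,
       Grant_priv,
       Super_priv
FROM   mysql.user
WHERE  Password = ''
   OR  User = ''
   OR  Host = '%'
   OR  ((Grant_priv = 'Y' OR Super_priv = 'Y')
        AND NOT (User = 'root' AND Host = 'localhost'))
ORDER  BY Super_priv DESC, Grant_priv DESC, User, Host;

-- 2. Per-database rows in mysql.db that can pass privileges on to other
--    accounts. These accounts may show all 'N' in mysql.user, so they are
--    missed by a check of mysql.user alone.
SELECT User, Host, Db, Grant_priv
FROM   mysql.db
WHERE  Grant_priv = 'Y'
ORDER  BY Db, User, Host;

-- 3. Accounts that exist in mysql.user but have no per-database row at all.
--    Combined with all-'N' global privileges, these can log in but do nothing.
SELECT u.User, u.Host
FROM   mysql.user AS u
LEFT   JOIN mysql.db AS d
       ON d.User = u.User AND d.Host = u.Host
WHERE  d.User IS NULL
  AND  u.Grant_priv = 'N'
  AND  u.Super_priv = 'N'
ORDER  BY u.User, u.Host;

-- 4. Confirm the effective privileges of one account found above.
--    'appuser' is a hypothetical name; substitute a User/Host pair from
--    the results of queries 1 to 3.
SHOW GRANTS FOR 'appuser'@'%';
```

Query 3 is only a first filter: an account with no mysql.db row can still hold table-level or column-level grants, which SHOW GRANTS will list.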