MySQL Forums
Forum List  »  Newbie

Re: Using skip-grant-tables in MySQL 8.0.28
Posted by: Phillip Ward
Date: July 12, 2022 02:33AM

Quote

I found that the customer's application has been using the skip-grant-tables option, ...

Oh Good Grief.

Quote

... and that all the code where the database is connected does not specify a username and password.

Have the "Developers" of this Application ever heard of "Security"?? Database or otherwise?
I could use words like "Pathetic", but I'll restrain myself.

Quote

The database version is MySQL 5.1.

As you already know, this prehistoric version has been unsupported (a.k.a. "Dead and Buried" for almost a decade, now.
At least they're [finally] thinking about upgrading.

Quote

Prior to MySQL 8.0.3, skip-networking was not enabled using the skip-grant-tables option. In older versions of MySQL, what was the primary use of the skip-grant-tables option?

Same as it is now.
It allows users to connect to the database and access any table without any security restrictions. The idea would be to go into the database and fix whatever problem forced you to do this in the first place.
MySQL has now [rightly] decided that operating the database in this "wide open" fashion is so dangerous that they will no longer allow "remote" connections to a database running in this way. Only the DBA (i.e. you), running locally on the database server, is allowed in).

As far as I know, there is no way around this.

The "Developers" of this application are in for a nasty shock.
They now have to "retrofit" security into the mess that they've created, which will not be easy - but hey; that's not your problem.
Simply tell then - quote truthfully - that they must change their Application code to work with [proper] database security before you can upgrade the database.

Options: ReplyQuote




Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.