[LON-CAPA-admin] Two significant MySQL security holes

[Scott Harrison]

Minor errata.

> Fix #1 - Secure the MySQL socket with file permissions.
> 
>     As root, run these commands:
>          chown apache2:apache2 /var/lib/mysql/mysql.sock

SHOULD BE
           chown www:www /var/lib/mysql/mysql.sock

>          chmod a-rwx,u+rwx /var/lib/mysql/mysql.sock
> 
> Fix #2 - Revoke privileges to the MySQL 'user' table for user=www.
> 
>          mysql -u root -p
>          mysql> REVOKE ALL PRIVILEGES ON *.* FROM www at localhost;
>          mysql> GRANT ALL PRIVILEGES ON loncapa.* to www at localhost;
>