[LON-CAPA-admin] Two significant MySQL security holes
Scott Harrison
sharrison at users.sourceforge.net
Mon Sep 23 00:49:19 EDT 2002
Minor errata.
> Fix #1 - Secure the MySQL socket with file permissions.
>
> As root, run these commands:
> chown apache2:apache2 /var/lib/mysql/mysql.sock
SHOULD BE
chown www:www /var/lib/mysql/mysql.sock
> chmod a-rwx,u+rwx /var/lib/mysql/mysql.sock
>
> Fix #2 - Revoke privileges to the MySQL 'user' table for user=www.
>
> mysql -u root -p
> mysql> REVOKE ALL PRIVILEGES ON *.* FROM www at localhost;
> mysql> GRANT ALL PRIVILEGES ON loncapa.* to www at localhost;
>
More information about the LON-CAPA-admin
mailing list