[LON-CAPA-admin] Two significant MySQL security holes
Carmine C. Balascio
carmine at UDel.Edu
Mon Sep 23 11:07:20 EDT 2002
When running Fix #2, I was asked for a password; and when I entered it,
I got the following error message:
ERROR 1045: Access denied for user: 'root at localhost' (Using password:
YES)
The other commands seemed to work okay.
Carmine
Scott Harrison wrote:
>
> Minor errata.
>
> > Fix #1 - Secure the MySQL socket with file permissions.
> >
> > As root, run these commands:
> > chown apache2:apache2 /var/lib/mysql/mysql.sock
>
> SHOULD BE
> chown www:www /var/lib/mysql/mysql.sock
>
> > chmod a-rwx,u+rwx /var/lib/mysql/mysql.sock
> >
> > Fix #2 - Revoke privileges to the MySQL 'user' table for user=www.
> >
> > mysql -u root -p
> > mysql> REVOKE ALL PRIVILEGES ON *.* FROM www at localhost;
> > mysql> GRANT ALL PRIVILEGES ON loncapa.* to www at localhost;
> >
> _______________________________________________
> LON-CAPA-admin mailing list
> LON-CAPA-admin at mail.lon-capa.org
> http://mail.lon-capa.org/mailman/listinfo/lon-capa-admin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: carmine.vcf
Type: text/x-vcard
Size: 444 bytes
Desc: Card for Carmine C. Balascio
URL: <http://mail.lon-capa.org/pipermail/lon-capa-admin/attachments/20020923/6fffb76d/attachment.vcf>
More information about the LON-CAPA-admin
mailing list