Summary: | mysql my.cnf unsecure file permission | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Romang <zataz> |
Component: | Default Configs | Assignee: | Gentoo Security <security> |
Status: | RESOLVED WONTFIX | ||
Severity: | normal | CC: | mysql-bugs |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Romang
2005-05-04 06:55:09 UTC
we don't provide a password in there by default, and if a user did want to put one in /etc/mysql/my.cnf, it would be so that all clients on the system could access it getting the password automatically, hence no need for limited permissions. I recommend security mark as WONTFIX - there is a lot more need to have the my.cnf world readable so that unprivileged clients can get the rest of their settings. Closing as WONTFIX as requested by Robin. If anyone disagrees feel free to reopen. |