Re: [cobalt-users] mySQL & security
- Subject: Re: [cobalt-users] mySQL & security
- From: Kris Dahl <kris@xxxxxxxxxxxxx>
- Date: Mon Jan 17 08:58:43 2000
on 1/17/00 8:43 AM, Rik Thomas at rikt@xxxxxxxxxxxx wrote:
> Yes I would stay away from that. Not really a security risk to anyone but
> him, but it could be a resource hog for your box, especially if he shares
> the username and password. Better to just set it to localhost and make
> him ssh or telnet in.
>
> On Sun, 16 Jan 2000, Goran Blagus wrote:
>
>> Hello !
>>
>> We have a user who wants us to put '%' as host in the host table.
>>
>> insert into host
>> (host,db,Select_priv,Insert_priv,Update_priv,
>> Delete_priv,Create_priv,Drop_priv)
>> values
>> ('%','his_database','Y', 'Y', 'Y', 'Y', 'Y', 'Y');
>>
>> What do you think about it? Isn't it too risky to allow _EVERY_ internet host
>> connection to mySQL on our server?

Well, you have to allow the user access to his database from remote in order
for him to run remote ODBC stuff, remote clients (like a local web
development server). It is unreasonable to allow a connect from any IP. I
think a class C is acceptable, and he should be able to provide you with
that, or multiple IPs that he'll be connecting from. If he is on a modem
with a big ISP (dare say AOL?) then he needs to get a clue, buy a decent
static connect, or get set up with a smaller, more customized ISP.
And you can quote me on this. :)
-k
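
Added example, not part of the original messages: the host-table row from the question narrowed to one class C network or to single addresses, as the reply suggests. The addresses 192.0.2.% and 198.51.100.17 are constructed placeholders, and the example assumes the matching row in the db table has a blank Host so that the host table is consulted.

```sql
-- Added example. 192.0.2.% and 198.51.100.17 are constructed documentation
-- addresses standing in for the customer's real network and workstation.
USE mysql;

-- Audit: list host-table rows that accept a connection from any address.
SELECT Host, Db FROM host WHERE Host = '%' OR Host = '';

-- Remove the catch-all row if it was already inserted.
DELETE FROM host WHERE Host = '%' AND Db = 'his_database';

-- One class C network: the % wildcard now covers only the last octet.
INSERT INTO host
  (Host, Db, Select_priv, Insert_priv, Update_priv,
   Delete_priv, Create_priv, Drop_priv)
VALUES
  ('192.0.2.%', 'his_database', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y');

-- Alternative: one row per known client address instead of a whole network.
INSERT INTO host
  (Host, Db, Select_priv, Insert_priv, Update_priv,
   Delete_priv, Create_priv, Drop_priv)
VALUES
  ('198.51.100.17', 'his_database', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y');

-- Rows edited by hand are not picked up until the grant tables are reloaded.
FLUSH PRIVILEGES;

-- Verify what is now allowed for this database.
SELECT Host, Db FROM host WHERE Db = 'his_database';
```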