Im trying to prevent unauthorized login and add extra level of security for mysql... so that hackers dont login into zimbra mysql db and get access to the entire data...
Also if default zimbra and root user login is there for mysql than a hacker can easily predict and login into the DB.
Hope your gettin my point...
By default I believe MySQL is bound to the loopback address. So unless they gained access to the CLI then how would they cause any damage ?
thats the point if he gets through the CLI he can easily access zimbra DB by just hitting "mysql" thats it... but if guest login is disabled at that point of time he is forceful to login via a user ie using the command: "mysql -u user -p"
mysql> show databases;
now this will work... which shouldnt happen...
i need it to be like this:
su - zimbra
Access Denied for guest login
(so now he can access via) mysql -u user -p
I do appreciate what you are saying; but if somebody has managed to get to the CLI that would be the least of my worries ... especially if they get in as root. Well and truly p0wned
There are currently 1 users browsing this thread. (0 members and 1 guests)