Comments on The Data Charmer: Default users in MySQL 5.7
Blog by Giuseppe Maxia (http://www.blogger.com/profile/15801583338057324813)

Comment by Giuseppe Maxia (https://www.blogger.com/profile/15801583338057324813), 2015-11-25T02:05:08.677+01:00:

Hi @Todd,
Thanks for your comments.
I understand the reason for the removal of the test database although I don't agree on the action. Since there are many users who are still deploying MySQL 5.5 and 5.6, they may see this change and think (erroneously) that removing the test database would remove the vulnerability. Then they naively create a database named "test_bank" and they get the same vulnerability as before.
The removal of anonymous users from both tables (user and db) is the real security measure that should be emphasized. Removing the test database after closing the door to anonymous users feels like a voodoo move.

This debate is probably exaggerated on both sides. I like what MySQL is doing. Keep up the good job!
From my side, I want to make sure that users of earlier versions understand the real risks in their servers.

Comment by Todd Farmer (https://www.blogger.com/profile/07381400209965677680), 2015-11-25T01:48:17.833+01:00:

Hi Giuseppe! I'm glad you're seeing the investment made in making MySQL Server 5.7 secure by default. I want to comment on the two changes you listed - the mysql.sys user account and the removal of the test database.

When sys was first released, it relied on root@localhost privileges. That's not a good security practice, and sys needs only a subset of privileges which root usually has. It wasn't caught until late in the release cycle, but I think it was a very important and appropriate change to make. It seems the lateness of the change caused problems (such as you note with Docker), and those need to be fixed.
An ideal scenario would have identified and fixed the issue much earlier, but it wasn't noticed (AFAIK) until very late in the process.

The removal of the test database is a checkbox-type change, and the basic requirement is that we provide a minimal installation package which limits exposure via unnecessary scripts and database objects. Having a default installation which includes a database named "test" raises immediate questions, and while removal of anonymous accounts may have mitigated the impact of such a database, it's far easier to avoid creating the test database generally than to force DBAs to explain to management why a related security finding isn't really important.

Some things are done to make MySQL more secure, some are done to make it easier for DBAs to prove that MySQL is more secure. Removing the test database generally falls in the latter category, especially when considered in the context of the other changes you cite.