[vox-tech] mysql: printing all users and databases

[David Hummel]

On Mon, Mar 15, 2004 at 09:03:01AM -0800, Peter Jay Salzman wrote:
> 
> i'll give it a try.  i have to say, i'm a little disheartened with
> mysql.  i just want it to "work" and be secure.

Perhaps you can decide if MySQL is going to work for you or be secure
enough after reading the documentation.

> from reading the docs, it _appears_ (although it doesn't say
> explicitly) that not only does each username have a password, each
> user has a password for each hostname.  so 'root'@'localhost' may have
> a different password than 'root'@'someotherhost'.  that's just too
> bizarre for my mind.

The ability to have per host passwords for a user provides one more
layer of security.  If security is a concern, you should consider
denying root access from all hosts except the localhost.  In the "user"
table, the Host column can be specified as "%", indicating all hosts,
thus allowing a single password for a user, regardless of the host.

> it also looks like a database name of "mysql" may refer to the
> collection of all databases, but i haven't verified that yet.

The purpose of database "mysql" is for access privileges.  I suggest you
start reading about this first.  The access privilege system is actually
very flexible.

> plus having anonymous users... really, anonymous.  as in, so anonymous
> that they don't even have a username, is a really strange concept.  even
> anonymous ftp users have a username of "anonymous".

That is why most people delete the row with the empty "User" column from
table "user", or they should anyway.

-David