Package: mysql-server Version: 4.0.24-10sarge1 Severity: wishlist Tags: security
Hi, Unless I'm mistaken, the 'bind-address' setting in my.cnf doesn't appear to support the listing of multiple addresses. If someone wants to have mysqld listen on multiple addresses/interfaces (say, 127.0.0.1 on lo, 192.168.0.252 on eth1, but *not* the public IP bound to eth0), they're forced to either pick an IP, or have mysqld listen on all addresses. At that point, they're required to use iptables rules to block access. It would be nice to have bind-address support a list of IP addresses (if it already does, feel free to document it and close this; I couldn't find any mention of it, though). I'm tagging this +security since it's kind of important that people actually be able to specify which IPs they want mysqld to listen on (otherwise, why even *bother* with bind-address in the first place?)
signature.asc
Description: This is a digitally signed message part
