hi james, On Mon, May 09, 2005 at 07:21:31PM -0700, james m wrote: > the mysql-server package should ship with tcp disabled, and only listen on > unix sockets. Or, the package should offer the user an option to enable or > disable tcp.
currently, the default mysql server installation only allows tcp/ip
connections on the loopback address. it is our opinion that this
doesn't constitute any lowering of security, because there are no
users capable of connecting to localhost:3306 that aren't also
capable of connecting to the local socket.
the reason why it was enabled (it used to be disabled by default)
was because there are some applications which are unfortunately
unable to speak to the server on the socket and can only speak
via tcp/ip. since as i mentioned this isn't really a change
in the level of security, i think it therefore made sense to enable
networking on the loopback address by default. keep in mind that
you always have the option to disable it.
so, if this explanation suffices, would you agree to closing this bug?
sean
--
signature.asc
Description: Digital signature
