On Monday 13 April 2009 22:10:20 Mick wrote: > Hi All, > > I am not sure if I am alarming myself unnecessarily, but this is what I > observed: > > Login as e.g. mick; (this is a unix acccount) > mysql -u root -p > Enter password: XXXXXX > > mysql> GRANT ALTER, CREATE, CREATE TEMPORARY TABLES, CREATE VIEW, INDEX, > INSERT, SELECT, UPDATE ON database1.* TO 'db_user1'@'localhost' IDENTIFIED > BY 'passwd1'; > Query OK, 0 rows affected (0.00 sec) > > mysql> FLUSH PRIVILEGES; > Query OK, 0 rows affected (0.00 sec) > mysql>quit > > Now if I login into database1 as db_user1 and then press the up arrow key > at the mysql> prompt I end up seeing all the previous commands that I ran > as root, including the 'passwd1'!!! > > Isn't this a rather serious security problem? How could I do it > differently?
Not at all. What you are seeing when pressing the up arrow is not commands stored by MySQl, but commands stored by your shell. It's complex to explain, so bear with me: What you type into the mysql prompt is just essentially a shell command. Mysql transforms it into the correct format the the mysqld process understands and issues the command. In both cases above you were running these commands as unix user mick. In both cases, one of the attributes issued to mysqld is which *mysql* user to run the command as. The history as remembered by the mysql client is a unix history, and mick did both. Analogy: You log into bugs.gentoo.org and gmail.google.com from the same firefox from the same unix account but with different user names. Firefox however, is fully aware of what command you ran to get to both sites and has both passwords stored in it's wallet. To improve security, you should consistently use the same privileged unix account to connect to mysql for admin actions. I usually su to root to log into mysql as root. Plus, user alan on your machine cannot see user mick's mysql history, so it's not as bad as it appears. -- alan dot mckinnon at gmail dot com
