Bug 88352

Summary: rfe: mysqld should bind only to localhost by default instead of
Product: [Retired] Red Hat Linux Reporter: Toni Willberg <toniw>
Component: mysqlAssignee: Tom Lane <tgl>
Status: CLOSED UPSTREAM QA Contact: David Lawrence <dkl>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: hhorak, redhat-bugzilla
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-02-03 19:10:34 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Toni Willberg 2003-04-09 10:57:18 UTC

By default mysql-server installation configures mysqld to listen on all
addresses (

I suggest changing the default configuration to bind mysqld only to localhost
( by adding "bind-address=" to /etc/my.cnf.

There should be no need to listen on right after installation, as the
database is empty anyway.

Version-Release number of selected component (if applicable):

Comment 1 Nathan G. Grennan 2003-05-05 16:35:09 UTC
I agree with you. I have been adding --bind-address= to
/etc/rc.d/init.d/mysqld on the safe_mysqld line. I don't trust the acl not to
allow someone to buffer overflow or exploit mysqld in some way. Even if it is
just DDoS.

Comment 2 Toni Willberg 2003-05-28 12:30:59 UTC
Still valid for mysql-server-3.23.56-2.

Comment 3 Patrick Macdonald 2003-11-10 15:14:37 UTC
*** Bug 109424 has been marked as a duplicate of this bug. ***

Comment 4 Tom Lane 2004-02-03 19:10:34 UTC
I'm a bit hesitant to override the upstream's opinions about how to
configure their software.  If we do this then Red Hat installations
will behave differently from everyone else's, and we'll get bug
reports about how people can't connect to their MySQL servers.

I'd suggest taking it up with MySQL AB and seeing if you can convince
them it's a good idea.