Bug 88352
| Summary: | rfe: mysqld should bind only to localhost by default instead of 0.0.0.0 | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Toni Willberg <toniw> |
| Component: | mysql | Assignee: | Tom Lane <tgl> |
| Status: | CLOSED UPSTREAM | QA Contact: | David Lawrence <dkl> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.0 | CC: | hhorak, redhat-bugzilla |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2004-02-03 19:10:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Toni Willberg
2003-04-09 10:57:18 UTC
I agree with you. I have been adding --bind-address=127.0.0.1 to /etc/rc.d/init.d/mysqld on the safe_mysqld line. I don't trust the acl not to allow someone to buffer overflow or exploit mysqld in some way. Even if it is just DDoS. Still valid for mysql-server-3.23.56-2. *** Bug 109424 has been marked as a duplicate of this bug. *** I'm a bit hesitant to override the upstream's opinions about how to configure their software. If we do this then Red Hat installations will behave differently from everyone else's, and we'll get bug reports about how people can't connect to their MySQL servers. I'd suggest taking it up with MySQL AB and seeing if you can convince them it's a good idea. |