Hello. By default mysql-server installation configures mysqld to listen on all addresses (0.0.0.0). I suggest changing the default configuration to bind mysqld only to localhost (127.0.0.1) by adding "bind-address=127.0.0.1" to /etc/my.cnf. There should be no need to listen on 0.0.0.0 right after installation, as the database is empty anyway. Version-Release number of selected component (if applicable): mysql-server-3.23.54a-4
I agree with you. I have been adding --bind-address=127.0.0.1 to /etc/rc.d/init.d/mysqld on the safe_mysqld line. I don't trust the acl not to allow someone to buffer overflow or exploit mysqld in some way. Even if it is just DDoS.
Still valid for mysql-server-3.23.56-2.
*** Bug 109424 has been marked as a duplicate of this bug. ***
I'm a bit hesitant to override the upstream's opinions about how to configure their software. If we do this then Red Hat installations will behave differently from everyone else's, and we'll get bug reports about how people can't connect to their MySQL servers. I'd suggest taking it up with MySQL AB and seeing if you can convince them it's a good idea.