Red Hat Bugzilla – Bug 88352
rfe: mysqld should bind only to localhost by default instead of 0.0.0.0
Last modified: 2013-07-02 22:59:45 EDT
By default mysql-server installation configures mysqld to listen on all
I suggest changing the default configuration to bind mysqld only to localhost
(127.0.0.1) by adding "bind-address=127.0.0.1" to /etc/my.cnf.
There should be no need to listen on 0.0.0.0 right after installation, as the
database is empty anyway.
Version-Release number of selected component (if applicable):
I agree with you. I have been adding --bind-address=127.0.0.1 to
/etc/rc.d/init.d/mysqld on the safe_mysqld line. I don't trust the acl not to
allow someone to buffer overflow or exploit mysqld in some way. Even if it is
Still valid for mysql-server-3.23.56-2.
*** Bug 109424 has been marked as a duplicate of this bug. ***
I'm a bit hesitant to override the upstream's opinions about how to
configure their software. If we do this then Red Hat installations
will behave differently from everyone else's, and we'll get bug
reports about how people can't connect to their MySQL servers.
I'd suggest taking it up with MySQL AB and seeing if you can convince
them it's a good idea.