Insecurity by default (was: MySQL Help)
Stephen
stephen-d-bJEeYj9oJeDQT0dZR+AlfA at public.gmane.org
Thu Jun 29 01:19:19 UTC 2006
Jason Spiro wrote:
>> > The MySQL docs say networking is on by default.
>>
>> e.g. - insecure by default.
>
> I hate "insecure by default" products. It's led to so many PHP
> injection attacks internet wide you wouldn't believe it, including PHP
> bulletin board software worms that attack server machines.
>
> How can "insecurity by default" be discouraged, though? Boycott such
> products???
Hmmm... how often is a database server never accessed across a network?
I just don't see that many database administrators going into the server
room to do their work.
I agree with the sentiment, but this is not a very good example of a
violation.
Stephen
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list