How bad is setting MySQL's bind-address to 0.0.0.0?
I'm trying to allow a remote server to access a MySQL instance that currently shares a Linux server with a web app. According to the documentation the only way this would be possible (unless I'm not understanding correctly) is if the bind-address directive is set to 0.0.0.0, which results in MySQL allowing access from any IP that can produce a valid user.
So, two questions:
- how detrimental would this be to security?
- is there a better approach to allowing both local and remote interaction with MySQL?
I think you are misunderstanding the bind-address setting a little. These are the local addresses that MySQL will listen on for connections. The default is 0.0.0.0, which is all interfaces. This setting does not restrict which IPs can access the server, unless you specified 127.0.0.1 for localhost only.
If you need to restrict certain users from specific IP addresses, utilize create/grant user like this: CREATE USER 'bobdole'@'192.168.10.221';
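The two layers this answer separates, where the server listens (bind-address) and which client hosts an account accepts (the host part of 'user'@'host'), can be audited together. The following is an added example, not part of the original answer; the sample config, the account rows and the function names are constructed for illustration, and include directives in my.cnf are not followed.

```python
import configparser
import ipaddress

# Constructed sample my.cnf content (not from the page).
SAMPLE_CNF = """
[client]
port = 3306

[mysqld]
user = mysql
bind-address = 0.0.0.0
"""

# Constructed rows, shaped like the result of: SELECT user, host FROM mysql.user;
SAMPLE_ROWS = [("root", "localhost"), ("bobdole", "192.168.10.221"), ("app", "%")]


def listen_scope(cnf_text):
    """Classify where mysqld listens, from the [mysqld] section only."""
    cp = configparser.ConfigParser(allow_no_value=True, strict=False,
                                   interpolation=None, delimiters=("=",))
    cp.read_string(cnf_text)
    opts = {}
    if cp.has_section("mysqld"):
        # MySQL accepts '-' and '_' interchangeably in option names.
        opts = {k.replace("_", "-"): v for k, v in cp.items("mysqld")}
    if "skip-networking" in opts and \
            (opts["skip-networking"] or "1").lower() not in ("0", "off", "false"):
        return "no-tcp"
    addr = (opts.get("bind-address") or "").strip()
    # An absent setting is treated as all interfaces, as the answer describes.
    if addr in ("", "*", "0.0.0.0", "::"):
        return "all-interfaces"
    try:
        loopback = ipaddress.ip_address(addr).is_loopback
    except ValueError:  # a host name rather than an IP literal
        loopback = addr == "localhost"
    return "loopback-only" if loopback else "specific-interface"


def exposure(cnf_text, rows):
    """Return (listen scope, accounts that accept a client from any host)."""
    scope = listen_scope(cnf_text)
    reachable = scope in ("all-interfaces", "specific-interface")
    # Host '%' matches every client address; it only matters if TCP is reachable.
    open_accounts = [f"{u}@{h}" for u, h in rows if h == "%"] if reachable else []
    return scope, open_accounts
```

An account such as 'app'@'%' is only reachable from the network when the listen scope is not loopback-only, which is why the two checks are reported as a pair.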
a. It's bad. Even though you could restrict user access by IP on each database, I think it's safer to have all connections come in locally. On my servers I allow MySQL to only accept local connections, 127.0.0.1 as is the default configuration. To access the database remotely, all you need to do is create an SSH tunnel before connecting to the database and then connect locally. If you're coding with PHP it's pretty easy to do this. If you're using a desktop application it's easy to do it on Linux (look up SSH tunnel). On Windows I normally use a program like PuTTY to make the tunnel for me.