Is it ok to leave the MySQL root password blank?

mysql security linux

Solution 1:

Yes, I'd consider it a fairly fundamental security vulnerability. Let me illustrate that by way of a story.

Long, long ago, in my younger and less knowledgeable days, I setup a server for internal testing of various bits and pieces I was testing out. It sat on my desk, unconnected to any network (this was a long time ago, before everything had to be on a network to be able to do anything). Whilst I was out of the office, someone else had need of a machine, and took my testing machine (I didn't mind; I was using the machine on the basis that it could be taken for other things if necessary). Since it was already running the OS that was needed, they just plugged it in to the network, and installed what they needed to.

The problem was, I'd setup all sorts of test accounts on that box, with easy to guess passwords (like the ever-useful test). Even that long ago, there were no shortage of miscreants who would have nothing better to do than password-guess accounts. It didn't take very long for them to find this machine, guess a password, and have their nefarious way with it.

The moral of the story? Requirements change. Even though you don't expect to do so now, there is a reasonable chance that over the life of the machine it's role will change -- the most likely outcome, I would expect, would be that other users will have access to the machine (either legitimately, or via an application-level exploit). The chances that you'll remember to set a MySQL root password when necessary are... slim, at best.

My recommendation would be to take the 10 seconds it'll take to set a MySQL root password and drop it into ~root/.my.cnf. The once-off time cost is far less than the cost of compromise times the probability of compromise.

Solution 2:

Exactly. You are not concerned about Linux users other than your own connecting to MySQL, and you will never be until they drop everything in MySQL.

Now, seriously, you should add a password. Consider that if someone tries to get into your server, they will have to compromise an user password from the server, and then also compromise the root password from MySQL. If you have not got a MySQL password, then it's easier to hack it.

Plus, no program is free of bugs. Just think that, if a bug in MySQL treats every connection as "local", you are going to have big problems.

Related

Is it okay to drop DNS type AAAA queries
Do you think NAT is largely responsible for the delay in IPv6 adoption?
Is there a reason not to use the hibernation in Windows?
How do you verify a job candidates resume?
Which Linux distributions support IPv6?
I have a programming contractor - how do I record their screen remotely?
why are there several nameservers for my domain?
Mac OS X Server 10.6 - Apple's software mirrored RAID worth it?
Log tcpdump Output
Why does 'pkill /?' kill my SSH session?
List all symbolic links on a unix system
How do you determine what type of CPU socket a linux computer has?