Skip to main content
M
matthew stuart
Inspiring
March 11, 2009
Question

Securing MySQL on Mac OSX

  • March 11, 2009
  • 3 replies
  • 1026 views
I am in the process of installing MySQL and PHP on my Mac and I have come to a section that is called 'Securing MySQL on Mac OSX'.

Basically it states that MySQL is up and running with a default account of 'root' and it's not password protected and so I need to plug that security gap.

I've always used root as my account when working on PC's but having read this in David's book, I am now concerned; does this mean that I am open to attack from a potential hacker if I don't password protect MySQL?

It mentions that root in MySQL has nothing to do with the root of Mac OSX, but I need to know if MySQL being unprotected in this way has opened a door for hackers.

TIA

Mat
This topic has been closed for replies.

3 replies

H
hughanagle
Known Participant
February 18, 2010

Thanks, Ken, for your help. I figured it out, in fact. The root user on my MySql server already had a password set. Typing the following:

mysqladmin -u root -p password "newpassword"

... did the job for me.

N
Newsgroup_User
Inspiring
March 11, 2009
matthew stuart wrote:
> It mentions that root in MySQL has nothing to do with the root of Mac OSX, but
> I need to know if MySQL being unprotected in this way has opened a door for
> hackers.

No, just follow the instructions, and you'll have a secure installation
of MySQL.

--
David Powers
Adobe Community Expert, Dreamweaver
http://foundationphp.com
H
hughanagle
Known Participant
February 18, 2010

I'm trying to secure MySql on Snow Leopard (10.6.2) as per the instructions (from page 273 of David's book). I have "amended PATH in the bash shell in OS X 10.4 or later", as directed.

When I then try to set the MySql root password by typing "mysql -u root" in Terminal, I get a "command not found" message.

Any suggestions?… in layman's terms as far as possible, please….

TIA

Hugh

H
hughanagle
Known Participant
February 18, 2010

I have progressed a few steps....

I am now getting the error below when I type "mysql -u root" in Terminal.

ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: NO)

Any help would be much appreciated.

Hugh

N
Newsgroup_User
Inspiring
March 11, 2009
matthew stuart wrote:
> I am in the process of installing MySQL and PHP on my Mac and I have come to a
> section that is called 'Securing MySQL on Mac OSX'.
>
> Basically it states that MySQL is up and running with a default account of
> 'root' and it's not password protected and so I need to plug that security gap.
>
> I've always used root as my account when working on PC's but having read this
> in David's book, I am now concerned; does this mean that I am open to attack
> from a potential hacker if I don't password protect MySQL?
>
> It mentions that root in MySQL has nothing to do with the root of Mac OSX, but
> I need to know if MySQL being unprotected in this way has opened a door for
> hackers.

Is your computer behind a firewall? Can your computer be seen on the
internet? If not, then its only people inside your network that can see
your computer and access it.

To be safe, just give the mysql root user a nice secure password.

I always create a mysql user for front end connections, with limited
permissions, and then another one for back end connections, with
relevant permissions for its tasks.

Dooza
--
Posting Guidelines
http://www.adobe.com/support/forums/guidelines.html
How To Ask Smart Questions
http://www.catb.org/esr/faqs/smart-questions.html
Terms & ConditionsAccessibility statement
Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices