1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MDEV-14796 - debian: insecure root password is only if plugin is empty

Browse Source 
Enumerate plugins that use password field.
This commit is contained in:
Sergey Vojtovich 2018-01-15 16:21:45 +04:00
parent 1879b2b8df
commit 7e3c1e02b7
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
debian/additions/debian-start.inc.sh vendored
View File

@ -65,7 +65,7 @@ function check_root_accounts() {
logger -p daemon.info -i -t$0 "Checking for insecure root accounts."
ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin='';" | $MYSQL --skip-column-names )
ret=$( echo "SELECT count(*) FROM mysql.user WHERE user='root' and password='' and plugin in ('', 'mysql_native_password', 'mysql_old_password');" | $MYSQL --skip-column-names )
if [ "$ret" -ne "0" ]; then
logger -p daemon.warn -i -t$0 "WARNING: mysql.user contains $ret root accounts without password!"
fi