[SLUG] phpMyAdmin warning message

• Next message: Bill Canaday: "[SLUG] Quickie question Hellllllllllp!"
• Previous message: wchast@utilpart.com: "RE: [SLUG] Error enabling swap device"
• Next in thread: Logan Tygart: "Re: [SLUG] phpMyAdmin warning message"
• Reply: Logan Tygart: "Re: [SLUG] phpMyAdmin warning message"
• Reply: Kwan Lowe: "Re: [SLUG] phpMyAdmin warning message"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

phpMyAdmin is a pretty slick piece of work but it's thorough enough that it's
pointing out a fairly urgent problem.

phpMyAdmin is telling me

"Your configuration file contains settings (root with no password) that
correspond to the default MySQL privileged account. Your MySQL server is
running with this default, is open to intrusion, and you really should fix
this security hole."

This sounds like it is warning me about several things, none of them any good.
1) that the root MySQL account does not have a password
2) that phpMyAdmin is logged into MySQL as that passwordless root user
3) that anyone who wants to can log into my web server and really bugger
things up.

In Webmin I can see that the root user is indeed passwordless and I can give
him a password. However, I can than no longer log in via phpMyAdmin. So I
edited the password fields in config.inc.php to show (first) the hash of the
password that Webmin showed me after encrypting it and (second try) the clear
text of the password before encryption.

I -want- to fix this hole but don't know how. phpMyAdmin looks to be a mighty
useful tool, but I don't want to share admin priveleges with everybody on the
planet.

Solutions? Tips? Tutorials? Documentation segments to read? I'm not looking to
be a MySQL consultant ... only to get this single instance of it running on
my personal web server so I can serve variable content web pages.

Bill

-- 
http://cannaday.us (genealogy)
http://organic-earth.com (organic gardening)
Uptimes below for the machines that created / host these sites.
 23:14:00  up 49 days, 23:56,  8 users,  load average: 0.19, 0.26, 0.26
 21:58:52  up 34 days,  2:11,  4 users,  load average: 0.03, 0.01, 0.00
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

• Next message: Bill Canaday: "[SLUG] Quickie question Hellllllllllp!"
• Previous message: wchast@utilpart.com: "RE: [SLUG] Error enabling swap device"
• Next in thread: Logan Tygart: "Re: [SLUG] phpMyAdmin warning message"
• Reply: Logan Tygart: "Re: [SLUG] phpMyAdmin warning message"
• Reply: Kwan Lowe: "Re: [SLUG] phpMyAdmin warning message"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:08:23 EDT