Quoting Jon Ernster <
jon.ernster@gmail.com>:
> It doesn't make much sense why linux distros don't
> change this, but it doesn't make sense why MySQL is shipped without a
> root password either. I guess someone thinks it's a good idea, or
> doesn't think it's a bad enough idea to fix a common sense security flaw.
Maybe I misunderestimate your point, but if MySQL shipped with a root
password, wouldn't that password have to be disclosed in the docs
somewhere? I don't see how a known default password is any better
than no password at all.
Or are you saying that the installation or first startup should
require the creation of a root password? That would make sense.
alex
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)