Restore creation of test databases and the anonymous user which

were accidentally removed during a previous rototill of this code. Fixes bug#27692. While it can be argued we should strive to provide a 'secure by default' installation, this happens to be the setup currently documented in the manual as the default, so defer changes that improve security out of the box to a co-ordinated effort later on. For now, make a note about the test databases and anonymous user in mysql_install_db and recommend that mysql_secure_installation be ran for users wishing to remove these defaults. [..re-commit of previously lost change..]

Restore creation of test databases and the anonymous user which
were accidentally removed during a previous rototill of this code. Fixes bug#27692. While it can be argued we should strive to provide a 'secure by default' installation, this happens to be the setup currently documented in the manual as the default, so defer changes that improve security out of the box to a co-ordinated effort later on. For now, make a note about the test databases and anonymous user in mysql_install_db and recommend that mysql_secure_installation be ran for users wishing to remove these defaults. [..re-commit of previously lost change..]
5c0c5921 · jperkin@production.mysql.com · 3b3be2ad · 5c0c5921 · 5c0c5921 · 5c0c5921
Commit 5c0c5921 authored Oct 04, 2007 by jperkin@production.mysql.com
Showing with 12 additions and 0 deletions

mysql-test/mysql-test-run.pl mysql-test/mysql-test-run.pl +1 -0

scripts/mysql_install_db.sh scripts/mysql_install_db.sh +9 -0

scripts/mysql_system_tables_data.sql scripts/mysql_system_tables_data.sql +2 -0

No files found.
--- a/mysql-test/mysql-test-run.pl
+++ b/mysql-test/mysql-test-run.pl
@@ -3059,6 +3059,7 @@ sub install_db ($$) {
  mtr_appendfile_to_file("$path_sql_dir/fill_help_tables.sql",
 			 $bootstrap_sql_file);
+  # Remove anonymous users
  mtr_tofile($bootstrap_sql_file,
 	     "DELETE FROM mysql.user where user= '';");

--- a/scripts/mysql_install_db.sh
+++ b/scripts/mysql_install_db.sh
@@ -371,7 +371,16 @@ then
    echo "To do so, start the server, then issue the following commands:"
    echo "$bindir/mysqladmin -u root password 'new-password'"
    echo "$bindir/mysqladmin -u root -h $hostname password 'new-password'"
+    echo
+    echo "Alternatively you can run:"
+    echo "$bindir/mysql_secure_installation"
+    echo
+    echo "which will also give you the option of removing the test"
+    echo "databases and anonymous user created by default.  This is"
+    echo "strongly recommended for production servers."
+    echo
    echo "See the manual for more instructions."
+    echo
    if test "$in_rpm" -eq 0
    then

--- a/scripts/mysql_system_tables_data.sql
+++ b/scripts/mysql_system_tables_data.sql
@@ -17,5 +17,7 @@ CREATE TEMPORARY TABLE tmp_user LIKE user;
 INSERT INTO tmp_user VALUES ('localhost','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
 REPLACE INTO tmp_user VALUES (@@hostname,'root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
 REPLACE INTO tmp_user VALUES ('127.0.0.1','root','','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','Y','','','','',0,0,0,0);
+INSERT INTO tmp_user (host,user) VALUES ('localhost','');
+INSERT INTO tmp_user (host,user) VALUES (@@hostname,'');
 INSERT INTO user SELECT * FROM tmp_user WHERE @had_user_table=0;
 DROP TABLE tmp_user;