diff --git a/docs/en/html/security-mysql.html b/docs/en/html/security-mysql.html deleted file mode 100644 index 784cd7631..000000000 --- a/docs/en/html/security-mysql.html +++ /dev/null @@ -1,373 +0,0 @@ - -MySQL
The Bugzilla Guide - 3.4.1 - Release
PrevChapter 4. Bugzilla SecurityNext

4.2. MySQL

4.2.1. The MySQL System Account

As mentioned in Section 4.1.2, the MySQL - daemon should run as a non-privileged, unique user. Be sure to consult - the MySQL documentation or the documentation that came with your system - for instructions. -

4.2.2. The MySQL "root" and "anonymous" Users

By default, MySQL comes with a "root" user with a - blank password and an "anonymous" user, also with a blank - password. In order to protect your data, the "root" user - should be given a password and the anonymous user should be disabled. -

Example 4-1. Assigning the MySQL "root" User a Password


bash$ mysql mysql
-mysql> UPDATE user SET password = password('new_password') WHERE user = 'root';
-mysql> FLUSH PRIVILEGES;
-

Example 4-2. Disabling the MySQL "anonymous" User


bash$ mysql -u root -p mysql           
-Enter Password: new_password
-mysql> DELETE FROM user WHERE user = '';
-mysql> FLUSH PRIVILEGES;
-
This command assumes that you have already completed - Example 4-1. -

4.2.3. Network Access

If MySQL and your web server both run on the same machine and you - have no other reason to access MySQL remotely, then you should disable - the network access. This, along with the suggestion in - Section 4.1.1, will help protect your system from - any remote vulnerabilities in MySQL. -

Example 4-3. Disabling Networking in MySQL

Simply enter the following in /etc/my.cnf: - 

[mysqld]
-# Prevent network access to MySQL.
-skip-networking
-
-

PrevHomeNext
Operating SystemUpWeb server
\ No newline at end of file