| Bug #60587 | Advice for Root Account Without Password is not correct | ||
|---|---|---|---|
| Submitted: | 22 Mar 2011 13:06 | Modified: | 23 Aug 2011 10:34 |
| Reporter: | Daniël van Eeden | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Enterprise Monitor: Advisors/Rules | Severity: | S4 (Feature request) |
| Version: | 2.3.1 | OS: | Any |
| Assigned to: | Mark Leith | CPU Architecture: | Any |
[22 Mar 2011 17:07]
Gary Whizin
Good find: we'll change advice from the UPDATE statement to using the SET PASSWORD statement
[23 Aug 2011 10:34]
Stefan Hinz
Since this was found/fixed internally and will be transparent to users when they upgrade, not adding a doc changelog entry for it.
[23 Aug 2011 10:34]
Stefan Hinz
Thank you for your bug report. This issue has already been fixed in the latest released version of that product, which you can download at http://www.mysql.com/downloads/
Description: This is the Recommended Action for Root Account Without Password (v 1.7 *): UPDATE user SET password = PASSWORD('strong_password') WHERE user = 'root'; FLUSH PRIVILEGES; Using GRANT/REVOKE might be better. This won't work as a 'USE mysql;' is missing. Or user should be substituted my mysql.user. How to repeat: Install MEM 2.3.1 and create a root account without password in mysql. Suggested fix: Use GRANT/REVOKE.