Bug #12530 Embedded Server does not authenticate user and password
Submitted: 11 Aug 2005 16:56 Modified: 11 Aug 2005 18:15
Reporter: Hernando Patino Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Documentation Severity:S2 (Serious)
Version:5.0.10a-beta-embedded OS:Windows (Windows 2000)
Assigned to: CPU Architecture:Any

[11 Aug 2005 16:56] Hernando Patino 
Description:
Using the embedded server ANYONE can connect to a embedded database without having any privileges.

User and password are not authenticated when one uses the embedded server!!  I can even enter non-existing users!

How to repeat:
Use the C API function mysql_real_connect() with diferent usernames and invalid password or non-existing users
[11 Aug 2005 18:03] Jim Winstead 
Authentication is disabled by default in the embedded server. To use authentication, you need to run ./configure with the --with-embedded-privilege-control flag when building the embedded server.

This should be documented.
[11 Aug 2005 18:15] Paul DuBois 
Thank you for your bug report. This issue has been addressed in the
documentation. The updated documentation will appear on our website
shortly, and will be included in the next release of the relevant
product(s).