Bug #3489 Privileges not restricting access from localhost
Submitted: 17 Apr 2004 7:15  Modified: 17 Apr 2004 8:28
Reporter: Christian Kirsch
Status: Not a Bug
Category: MySQL Server  Severity: S3 (Non-critical)
Version: 4.1.1  OS: (not specified)
Assigned to: (none)  CPU Architecture: Any

[17 Apr 2004 7:15] Christian Kirsch
Description:
mysql -u foo: connects to the MySQL server

However:
  mysql -e "show grants for foo"
  ERROR 1141 at line 1: There is no such grant defined for user 'foo' on host '%'

And of course:
  mysql -e "select * from mysql.user where user='foo'"
returns nothing.

So, a completely bogus user can connect to MySQL.

Now I do a
  mysql -e "create database bar; grant select on bar.* to foo@'%' identified by 'foo'"

Show grants gives me:
  GRANT USAGE ON *.* TO 'foo'@'%' IDENTIFIED BY PASSWORD '*F3A2A51A9B0F2BE2468926B4132313728C250DBF'
  GRANT SELECT ON `bar`.* TO 'foo'@'%'

And of course I can do a
  mysql -u foo bar
without supplying a password (why?)

However, after
  grant select on bar.* to foo@localhost identified by 'foo',

now
  mysql -u foo bar

gives an error (Access denied). 

To summarize: If a user is granted access WITH a password from any host, connecting from localhost is possible without giving a password. I was even able to remove records from a table although only the SELECT privilege was assigned to this account.

How to repeat:
s.a.

Suggested fix:
Users not present in the mysql.user table should not be able to connect at all.
Users with a host name of '%' and a password should not be able to connect from localhost without a password.
[17 Apr 2004 8:28] Paul DuBois
Thank you for taking the time to write to us, but this is not
a bug. Please double-check the documentation available at
http://www.mysql.com/documentation/ and the instructions on
how to report a bug at http://bugs.mysql.com/how-to-report.php

Additional info:

This occurs because the initial MySQL accounts include
two anonymous accounts. To achieve what you want,
remove those accounts. See the DELETE/FLUSH statements
at the end of this page:

http://dev.mysql.com/doc/mysql/en/Default_privileges.html
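The following SQL is an added example, not part of the bug report or of the MySQL documentation page linked above. It shows how an administrator would confirm the cause named in the reply (the anonymous-user rows that a default 4.1-era installation creates) and remove them. The behaviour the reporter saw follows from how the server picks a row from mysql.user: candidate rows are sorted with the most specific Host value first, so for a connection from localhost the row ''@'localhost' is chosen before 'foo'@'%'. The password and privileges that then apply are those of the anonymous row, not those granted to 'foo'@'%', which is why no password was required and why the privileges in effect did not match the SELECT-only grant. The table and column names below are the standard mysql.user and mysql.db columns; the account names 'foo' and the database 'bar' are taken from the report.

```sql
-- Added example (not from the bug report): locate and remove anonymous
-- accounts on a MySQL 4.1-era server, then reload the grant tables.
-- Run as a user with privileges on the mysql database (e.g. root).

-- 1. List anonymous accounts. On a default install these are typically
--    ''@'localhost' and ''@'<hostname>' (User column is the empty string).
SELECT Host, User, Password
  FROM mysql.user
 WHERE User = '';

-- 2. Show every row that could match a client presenting user name 'foo'.
--    The server considers rows whose User is 'foo' or '' and prefers the
--    most specific Host, so ''@'localhost' wins over 'foo'@'%' for a
--    local connection. This query only lists the candidates; the ordering
--    rule itself is applied by the server, not by this SQL.
SELECT Host, User, Password
  FROM mysql.user
 WHERE User IN ('foo', '');

-- 3. Database-level rows for anonymous users (the default install grants
--    them access to test databases via mysql.db, if present).
SELECT Host, Db, User
  FROM mysql.db
 WHERE User = '';

-- 4. Remove the anonymous accounts at both levels and reload privileges
--    so the change takes effect without a server restart.
DELETE FROM mysql.user WHERE User = '';
DELETE FROM mysql.db   WHERE User = '';
FLUSH PRIVILEGES;

-- 5. Verify: no anonymous rows remain, and the only rows matching 'foo'
--    are the ones explicitly granted, so 'foo' must now authenticate
--    with the password set for 'foo'@'%' (or 'foo'@'localhost') and
--    receives exactly the privileges of the matching row.
SELECT Host, User FROM mysql.user WHERE User = '';
SELECT Host, User FROM mysql.user WHERE User = 'foo';
SHOW GRANTS FOR 'foo'@'%';
```

After the DELETE/FLUSH sequence, a user name that does not appear in mysql.user can no longer connect at all, which is the first behaviour the reporter asked for; the second follows because no row with an empty password remains to be matched ahead of 'foo'@'%'.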