Bug #62925 mysql_secure_installation script does not check user input
Submitted: 25 Oct 2011 14:12 Modified: 20 Dec 2016 19:23
Reporter: Rodolfo Ponteado Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Command-line Clients Severity:S3 (Non-critical)
Version:5.1.49-3, 5.5.18 OS:Any
Assigned to: CPU Architecture:Any

[25 Oct 2011 14:12] Rodolfo Ponteado 
Description:
Change the root password? [Y/n] n
 ... skipping.

By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them.  This is intended only for testing, and to make the installation
go a bit smoother.  You should remove them before moving into a
production environment.

Remove anonymous users? [Y/n] Y
 ... Success!

Normally, root should only be allowed to connect from 'localhost'.  This
ensures that someone cannot guess at the root password from the network.

Disallow root login remotely? [Y/n] t
 ... Success!

By default, MySQL comes with a database named 'test' that anyone can
access.  This is also intended only for testing, and should be removed
before moving into a production environment.

Remove test database and access to it? [Y/n] a
 - Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
 ... Failed!  Not critical, keep moving...
 - Removing privileges on test database...
 ... Success!

Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.

Reload privilege tables now? [Y/n] aaa
 ... Success!

Cleaning up...

How to repeat:
Just execute the script.

Suggested fix:
Check user input.
[25 Oct 2011 18:51] Valeriy Kravchuk 
Our check of user input, even in 5.5.18, looks like this:

#
# Set the root password
#

echo "Setting the root password ensures that nobody can log into the MySQL"
echo "root user without the proper authorisation."
echo

if [ $hadpass -eq 0 ]; then
    echo $echo_n "Set root password? [Y/n] $echo_c"
else
    echo "You already have a root password set, so you can safely answer 'n'."
    echo
    echo $echo_n "Change the root password? [Y/n] $echo_c"
fi

read reply
if [ "$reply" = "n" ]; then
    echo " ... skipping."
else
...

So, we check for 'n' as "no", and everything else is considered "yes". More strict check makes sense.
[26 Oct 2011 2:28] Rodolfo Ponteado 
Yes sir, i realized this since the beginning, perhaps i should have been more consice on the abstract topic saying that script does not check user input different than n.
[12 Jan 2014 17:41] Daniƫl van Eeden 
This bug is fixed in MySQL 5.7
[20 Dec 2016 19:23] Paul DuBois 
Posted by developer:
 
Noted in 5.5.55, 5.6.36, 5.7.18, 8.0.1 changelogs.

mysql_secure_installation is more strict about what it considers
valid yes and no responses.
[16 Jan 2018 17:20] Peng Alan 
test