Gentoo Archives: gentoo-hardened

From:	Chris PeBenito <pebenito@g.o>
To:	Richard Simpson <richard.simpson@×××××.com>
Cc:	Christian Heim <heim@××××××××××××××.de>, gentoo-hardened@l.g.o
Subject:	RE: [gentoo-hardened] mysql-4.0.22 asking to "Authenticating root"
Date:	Sat, 06 Nov 2004 15:39:51
Message-Id:	`1099755337.9446.19.camel@chris.pebenito.net`
In Reply to:	RE: [gentoo-hardened] mysql-4.0.22 asking to "Authenticating root" by Richard Simpson

1	On Sat, 2004-11-06 at 08:25 -0700, Richard Simpson wrote:
2	> > machine. The Problem is, mysql init.d script is generally asking
3	> > for the root
4	> > password, to authenticate the root user.
5	>
6	> This is normal behavior for any script in init.d that is manually
7	> start/stopped. If you add the mysql to a runlevel and let init start it,
8	> there is no authentication required.
9
10	[cut]
11	> All you have to do is write your own
12	> start/stop script for mysql (running under bash) and modify the selinux
13	> policy accordingly.
14
15	This is not a good idea. This loosens the separation between system and
16	admin in a bad way. See my other response.
17
18	--
19	Chris PeBenito
20	<pebenito@g.o>
21	Developer,
22	Hardened Gentoo Linux
23	Embedded Gentoo Linux
24
25	Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xE6AF9243
26	Key fingerprint = B0E6 877A 883F A57A 8E6A CB00 BC8E E42D E6AF 9243

File name	MIME type
signature.asc	application/pgp-signature