On Wed, 17 Feb 1999, Christofer C. Bell wrote: > I'd like to point out that mSQL by default (all versions) DO NOT have > hosts based access control enabled. This was noted in Bugtraq long ago, but isn't entirely true with recent versions. Remote access is disabled by default going back to at least version 2.0.4.1. There are new "Remote_Access" and "Local_Access" keywords in msql.conf, set by default to False and True, respectively, in the included sample file. These keywords take precedence over the "access" keyword in msql.acl. What hasn't changed in recent versions is that all databases have unrestricted local access by default. I still believe it would be wise for mSQL to ship with a default msql.acl file that denies all access. -- John W. Temples, III || Providing the first public access Internet Gulfnet Kuwait || site in the Arabian Gulf region
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:35:56 PDT