-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all- Our security guy was just checking out the configuration of our new Web server when he happened to check the MySQL configuration and noticed that the "las" MySQL user created during the LAS installation has global privileges - insert, select, create, update on all databases and tables. That doesn't fly for a public-facing Web server. LAS folks - is there any reason why this user could not have privileges changed to a more secure level after the LAS installation, if these privileges are required during install? Greg > > > > > - -- Greg Keith - Web System Administrator greg.keith(-at-)noaa.gov NOAA ESRL Physical Sciences Division http://www.esrl.noaa.gov/psd R/PSD, 325 Broadway, Boulder, CO phone: 303-497-6645 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) iD8DBQFJemMr8IR34NeP2BwRAhgAAJ0U3CtljjDrL6dyYS4r1x968NCONgCfT6zA olPH8cJIuuXKN2f2HaIcjSc= =48qe -----END PGP SIGNATURE----- |