maria-discuss team mailing list archive

Thread
Date

Why does local root need a password?

To: maria-discuss@xxxxxxxxxxxxxxxxxxx
From: Felipe Gasper <felipe@xxxxxxxxxxxxxxxx>
Date: Mon, 25 Mar 2019 18:07:01 -0400

Hello,

	I’ve submitted a proposal to the MySQL team to allow the system administrator, when logging in via a local socket that indicates reliably that the DB client is the superuser (e.g., SO_PEERCRED in Linux), to not need a password. As implemented, my suggestion allows root to log in as any user.

	The rationale is that the system administrator can do anything on the server (including manual edits to the DB files) anyway; thus, every user already implicitly trusts that user with their data.

	This will simplify DB administration on several levels, but most conspicuously because a lost DB admin password will no longer necessitate the awkward one-time-init-file recovery method.

	Would MariaDB be interested in this proposal?

-FG

Follow ups

Re: Why does local root need a password?
From: Claudio Nanni, 2019-03-26
Re: Why does local root need a password?
From: Sergei Golubchik, 2019-03-25
Re: Why does local root need a password?
From: Justin Swanhart, 2019-03-25