Mysql woes

Andrew Gould andrewlylegould at gmail.com
Tue Aug 5 04:18:48 PDT 2008 

On Tue, Aug 5, 2008 at 5:44 AM, David A. Bandel <david.bandel at gmail.com>wrote:

> On Mon, Aug 4, 2008 at 12:56 PM, Andrew Gould <andrewlylegould at gmail.com>
> wrote:
> > On Mon, Aug 4, 2008 at 11:42 AM, David A. Bandel <david.bandel at gmail.com
> >
> > wrote:
> >>
> >> Folks,
> >>
> >> Hope someone here knows the POS mysql well enough to help.
> >>
> >> A client has some databases.  These can be accessed from the command
> >> line.  But connecting w/ phpmyadmin shows only a couple of the
> >> databases.  This must be a privileges problem, but I don't know enough
> >> about mysql to solve it.
> >>
> >> Any suggestions welcome (short of dumping all the databases and
> >> importing them to postgresql -- that's my next step).
> >>
> >> TIA,
> >>
> >> David A. Bandel
> >
> > You're "next step" doesn't sound so bad to me.   ;-)
> >
> > As for MySQL, it's been awhile, but.....
> >
> > Can you determine the username used by phpmysqladmin?  The username used
> to
> > be stored as plain text in one of the phpmysqladmin configuration files.
> > Once you have the name, you can adjust it's access rights.
>
> www-data at localhost
>
> granted permissions on one database via:
>  grant all on dbname.* to 'www-data'@'localhost';
>
> query OK, no rows affected.  However, still don't see that database.
>
> I just can't seem to wrap my head around how php and phpmyadmin decide
> which databases will show up in the list of databases.  I still only
> see 2 of 68.
>
> >
> > As I recall, you can adjust access rights using the GRANT SQL statement
> or
> > by updating the administrative tables in the database named mysql.  If
> you
> > connect to the mysql database, a "show tables" command at the interactive
> > prompt should be helpful in finding the correct administrative table.
> >
> > There is also a "show databases" command; but I assume you already know
> the
> > name of the database since you can see it from the command line.
> >
> > The MySQL version of GRANT allows for the use of wildcards.  You can find
> > examples here:
> > http://dev.mysql.com/doc/refman/6.0/en/grant.html
> >
> > Note that for database and table names, you can use the wildcard "*"; but
> to
> > grant access to a user from any host, the "%" is used.  For example, to
> let
> > 'somebody' do anything/everything to any database/table from anywhere,
> the
> > root database user could execute:
> >
> > grant all on *.* to 'somebody'@'%';
> >
> > (NOT that I'm advocating such a policy!)
>
> why not?  these idiots still have root w/ no password as the administrator.
>
> That's when all this fun started.  I found them being used as a
> phishing site (thanx to PHP and their configuration w/ safe_mode =
> off).
>
>
> Ciao,
>
> David A. Bandel
>


I wonder if there's a configuration option to identify viewable databases,
aside from permissions.

Andrew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.celestial.com/pipermail/linux-users/attachments/20080805/dd779c5c/attachment-0002.html

More information about the Linux-users mailing list