Hi,
The correct behavior of MySQL would be to allow connections from localhost to a database if there is a grant for that specific user. You can't lock that down as the connection would be coming from 'localhost'.
Meaning, as long as I am on the same server (shared hosting), and I know the dbname & password - I can easily connect to the database.
Anyway to disallow this ?
Googeling about it, I found something with suhosin -
suhosin.sql.user_prefix
suhosin.sql.user_postfix
But I am no sure how to configure it..
Eli.
The correct behavior of MySQL would be to allow connections from localhost to a database if there is a grant for that specific user. You can't lock that down as the connection would be coming from 'localhost'.
Meaning, as long as I am on the same server (shared hosting), and I know the dbname & password - I can easily connect to the database.
Anyway to disallow this ?
Googeling about it, I found something with suhosin -
suhosin.sql.user_prefix
suhosin.sql.user_postfix
But I am no sure how to configure it..
Eli.