Is having a root .my.cnf file a bad idea?

David Colter

Active Member
Jun 30, 2016
39
8
8
USA
cPanel Access Level
Root Administrator
After completing a long-overdue upgrade of database software from MariaDB 5.5 to 10.2 and cleaning up the broken pieces, I discovered that it is not necessary to enter a password for the root user from the command line any more.

Code:
# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 44
Server version: 10.2.19-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> SELECT user,host,password FROM mysql.user WHERE user='';
Empty set (0.00 sec)

MariaDB [(none)]>
In researching how to fix this, it was apparent that there are two sides to the issue.

Searching further for the reason, I found the a file .my.cnf in the root directory with user and password. Aha!

Code:
# cat ~/.my.cnf
[client]
password="<the password>"
user=root
[mysqld]
#
Considering the server has disabled root "password" login (key only), is this opening a vulnerability? Is is mainly for the convenience?

Thanks for adding your view!

David
 

cPanelMichael

Technical Support Community Manager
Staff member
Apr 11, 2011
47,911
2,234
363
cPanel Access Level
DataCenter Provider
Twitter
Hello David,

Root access to the system is required in order to see the contents of the file. Additionally, the root password in the /root/.my.cnf file is not the same as the server's root password.

Let me know if you have any questions.

Thanks!