Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is having a root .my.cnf file a bad idea?

Discussion in 'Database Discussion' started by David Colter, Nov 16, 2018.

  1. David Colter

    David Colter Active Member

    Joined:
    Jun 30, 2016
    Messages:
    31
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    USA
    cPanel Access Level:
    Root Administrator
    After completing a long-overdue upgrade of database software from MariaDB 5.5 to 10.2 and cleaning up the broken pieces, I discovered that it is not necessary to enter a password for the root user from the command line any more.

    Code:
    # mysql
    Welcome to the MariaDB monitor.  Commands end with ; or \g.
    Your MariaDB connection id is 44
    Server version: 10.2.19-MariaDB MariaDB Server
    
    Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
    
    Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
    
    MariaDB [(none)]> SELECT user,host,password FROM mysql.user WHERE user='';
    Empty set (0.00 sec)
    
    MariaDB [(none)]>
    
    In researching how to fix this, it was apparent that there are two sides to the issue.

    Searching further for the reason, I found the a file .my.cnf in the root directory with user and password. Aha!

    Code:
    # cat ~/.my.cnf
    [client]
    password="<the password>"
    user=root
    [mysqld]
    # 
    
    Considering the server has disabled root "password" login (key only), is this opening a vulnerability? Is is mainly for the convenience?

    Thanks for adding your view!

    David
     
  2. dalem

    dalem Well-Known Member PartnerNOC

    Joined:
    Oct 24, 2003
    Messages:
    2,908
    Likes Received:
    127
    Trophy Points:
    368
    Location:
    SLC
    cPanel Access Level:
    DataCenter Provider
    the risk is minimal

    if a hacker has access to that file as root
    you have bigger problems
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,331
    Likes Received:
    2,161
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello David,

    Root access to the system is required in order to see the contents of the file. Additionally, the root password in the /root/.my.cnf file is not the same as the server's root password.

    Let me know if you have any questions.

    Thanks!
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice