[debian-mysql] Bug#490777: binds to any with bind-address=127.0.0.1 if iface lo is not available
martin f krafft
madduck at debian.org
Mon Jul 14 09:27:01 UTC 2008
Package: mysql-server-5.0
Version: 5.0.32-7etch5
Severity: critical
Tags: security etch
I have mysqld configured to bind to 127.0.0.1 (which is the default
it seems):
sheep# grep '^bind' /etc/mysql/my.cnf
bind-address= 127.0.0.1
and yet:
sheep# netstat -natp | grep mysqld
tcp 0 0 92.42.190.29:3306 0.0.0.0:* LISTEN 26443/mysqld
It turns out that this is because I cannot actually bring up the lo
interface on a vserver:
sheep# ifup lo
SIOCSIFADDR: Permission denied
SIOCSIFFLAGS: Permission denied
SIOCSIFFLAGS: Permission denied
Failed to bring up lo.
Arguably, this is a problem with the vserver, but mysqld should
definitely not bind to any as a consequence. Instead, it should
refuse to start.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.25-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
--
.''`. martin f. krafft <madduck at debian.org>
: :' : proud Debian developer, author, administrator, and user
`. `'` http://people.debian.org/~madduck - http://debiansystem.info
`- Debian - when you have better things to do than fixing systems
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature (see http://martin-krafft.net/gpg/)
Url : http://lists.alioth.debian.org/pipermail/pkg-mysql-maint/attachments/20080714/94dadf98/attachment.pgp
More information about the pkg-mysql-maint
mailing list