Bugtraq mailing list archives
Re: MySQL 5.0 information leak?
From: Stephen Frost <sfrost () snowman net>
Date: Fri, 20 Jan 2006 19:30:57 -0500
* Bernd Wurst (bernd () bwurst org) wrote:
I think of this as a security issue because I have user accounts (nss) that have publicly available credentials but noone should be able to see how the database really is organized. What do you think of this? Bug?
Probably not but the answer you seek is in the SQL specification.
Information Schema is defined there and it also defines what is allowed
to be seen and by whom. Wanting to hide the database layout from the
users of the database in this way seems quite... confused.
Thanks,
Stephen
Attachment:
signature.asc
Description: Digital signature
Current thread:
- MySQL 5.0 information leak? Bernd Wurst (Jan 20)
- RE: MySQL 5.0 information leak? Burton Strauss (Jan 21)
- Re: MySQL 5.0 information leak? Johan De Meersman (Jan 26)
- Re: MySQL 5.0 information leak? Stephen Frost (Jan 23)
- <Possible follow-ups>
- Re: MySQL 5.0 information leak? Lance James (Jan 26)
- RE: MySQL 5.0 information leak? Burton Strauss (Jan 26)
- Re: MySQL 5.0 information leak? Duncan Simpson (Jan 30)
- RE: MySQL 5.0 information leak? Burton Strauss (Jan 21)