Re: securing ndb_mgmd - Len Kranendonk - com.mysql.lists.cluster

7 messages in com.mysql.lists.clusterRe: securing ndb_mgmd

From	Sent On	Attachments
Len Kranendonk	27 Jan 2005 01:28
Alex Davies	27 Jan 2005 01:31
Len Kranendonk	27 Jan 2005 02:00
kla...@opperen.dk	27 Jan 2005 04:32
Stewart Smith	27 Jan 2005 17:16
Tomas Ulin	08 Feb 2005 01:48
Len Kranendonk	08 Feb 2005 04:07

Subject:	Re: securing ndb_mgmd
From:	Len Kranendonk (le...@primaat.com)
Date:	01/27/2005 02:00:14 AM
List:	com.mysql.lists.cluster

chown root:root ndb_mgm chmod ndb_mgm 700

Should make access only to root.

That does not fix the problem. A malicious user can run his own version of ndb_mgm.

Also, it seems that there is no check on the source IP address of the ndb_mgm client. I've just installed the ndb_mgm client on a box outside the cluster, and I can connect to the management server and bring down the cluster as a regular user.

Len