许多MysqL程序都会带有匿名登录的功能。在刚刚安装完MysqL之后,就可以登录数据库啦。
这对于平时使用MysqL来说也基本没有什么,但是如果我们想部署数据库的时候,这种登录方式式绝对不能存在的!试想一下,如果你的数据库随便就可以进入的话,我想你一定会在半夜收到电话,说数据出问题啦!
首先使用命令进入数据库
[root@localhost raul]# MysqL -u root -p
Enter password:
Welcome to the MysqL monitor. Commands end with ; or \g.
Your MysqL connection id is 3
Server version: 5.1.73 Source distribution
Copyright (c) 2000,2013,Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MysqL> use MysqL
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
MysqL> select user,host from user;
+------+-----------------------+
| user | host |
+------+-----------------------+
| root | 127.0.0.1 |
| | localhost |
| root | localhost |
| | localhost.localdomain |
| root | localhost.localdomain |
+------+-----------------------+
5 rows in set (0.00 sec)
我们看到啦,在user这一列有的行是空的,这就是那个匿名用户啦~!在这一步我们已经找到匿名用户啦,剩下的操作就是删除掉这个用户,保证登录安全
MysqL> delete from user where user='';
Query OK,2 rows affected (0.00 sec)
此时MysqL执行的状态显示我们删除了两行数据,然后执行一边查询命令,确认一下是不是真的删除成功啦啊
MysqL> select user,host from user;
+------+-----------------------+
| user | host |
+------+-----------------------+
| root | 127.0.0.1 |
| root | localhost |
| root | localhost.localdomain |
+------+-----------------------+
3 rows in set (0.00 sec)
OK!已经成功删除啦