"Joshua J. Kugler" <joshua@eeinternet.com> writes:
> On Monday 09 August 2010, Joshua D. Drake elucidated thus:
>> The actual requirement is:
>>
>> Thou shall not use a privelaged user, e.g; Administrator or UID = 0.
>>
>> Not only is that a reasonable default, MySQL is broken because of
>> theirs.
> Hmm...I've always seen MySQL run under the user mysql. Of course,
> mysqld_safe (the script that restarts mysql if it crashes) starts as
> root, but the actually binary runs as mysql.
That's how it's done if the user/packager knows what they're doing.
The problem is that not only doesn't mysql enforce that, it isn't
the default --- mysqld_safe is perfectly happy to launch the server
as root if you don't tell it not to. If you dig hard enough in their
manuals, you can find a recommendation to not run the server as root;
but they don't exactly push you to avoid that.
regards, tom lane