Passwordless MySQL root account in shared hosting
I was doing some work with many terminals open, and in one terminal I typed the following to access my MySQL databases;
$ mysql -u root
and I’ve been granted access, as I don’t set any password for my local MySQL account. I was somehow surprised however when I run the following command
mysql> show databases;
as I’ve been presented with many databases, maybe hundreds of them, and with that I realize something is not right somewhere. Upon checking, I found out that I was accessing the wrong server, and to my surprise again, it’s in my shared webhosting’s server.
When thinking creating rogue PHP scripts will let you do what your jailshell won’t let you do, this incident make me want to have a co-located server even more. I guess it’s a bad idea now to have all my shells to look the same when working with multiple terminals.
3 Comments to “Passwordless MySQL root account in shared hosting”
Post comment
Connect with me
What I'm Doing (via twitter)...
- is applying for US visa. The website is not helping at all http://twitpic.com/16hvxp 1 week ago
- @abumuaaz want to focus on my wireless project (yes, I get paid for that) and some development work. Ada job to pass ka? :) in reply to abumuaaz 1 week ago
- is running 'sudo dd if=/dev/zero of=/dev/sda' on his laptop. Will it work, my computer forensic friends? 1 week ago
- is on his first day of being jobless, hahaha. 1 week ago
- finished reading Crowdsourcing: Why the Power of the Crowd Is Driving the Future of Business, in 32 hours. Next, Wikinomics. 1 week ago
- is on his way to island hopping. Woohoo! 1 week ago
- is leaving on a jetplane, don't know when he'll be back again... 2 weeks ago
- missed his flight to KK. Will need to take the first flight tomorrow and pray he'll make it for his 9am meeting. 2 weeks ago
- More updates...












Talk to the hosting company and get to sponsor you a co-hosted package for your discovery…
I blog about this actually because I was frustrated when I got no reply from the hosting company after reporting to them about this, though there was not even a mention about getting free hosting whatsoever in the email. At least not yet
For update, the problem is still there..
[...] in Information Insemination Due to some serious problems with shared webhosting, as I blogged here and here, I’m now seriously considering to self-host all my [...]