Can't revoke dangerous-looking privileges

bunner_bob

I looked into my "user" table in mysql and found a user/host combination I didn't (knowingly) create. It looks a little like my own IP number, but that number has changed so it's certainly not current now.

When I try to delete it, the terminal tells me there's an error - I don't think it understands the syntax of the user name.

The line in the user table shows:

localhost = 12-345-67-89.client.attbi.com (IP changed here for safety)
user = root
password = (empty - no password)

This looks scary to me - no password required? Granting root-level access?

My attempts to revoke look like
mysql> revoke all on * from root@12-345-67-89.client.attbi.com;
and are met with a sql syntax error message

My question is - do I have to worry about this? Can I revoke for this particular user? I already have another permission line for root at localhost, which works fine, so I don't think I'll end up losing access.

I'm worried about this - any advice?

theeper

By default, when you install MySQL, two root users are added. One with localhost as Host and one with (what should be) the actual hostname. You should always set the passwords for this user as soon as you install MySQL.

If you want to delete the second user, why not do a simple DELETE query...

DELETE FROM User WHERE Host='12-345-67-89.client.attbi.com' AND User='root';

Then, don't forget to FLUSH PRIVILEGES;

bunner_bob

Ahh - thanks. I had the password for the localhost user, but for some reason one didn't get created for the "actual" host. I'd thought of deleting the row, but was afraid it might render my db inaccessible or something. But all seems well - thanks again!