I just installed MariaDB on a brand new Ubuntu 24.04 LTS server, and most online configuration tutorials suggest I run mariadb-secure-installation right after installation, otherwise my database service will be insecure. According to the docs, running this script allows me to:

  • Set a password for root accounts
  • Remove root accounts that are accessible from outside the local host
  • Remove anonymous-user accounts
  • You can remove the test database, which by default can be accessed by anonymous users

I'm looking around my fresh database installation and:

  • The root account is not accessible outside of the unix_socket authentication plugin. The native authentication auth string is set to invalid.
  • The root account is only accessible through the local Unix socket, so can't be accessed outside local host.
  • I did not find any anonymous user accounts.
  • There is no test database, and certainly not one that's accessible by anonymous users.

Furthermore, the default MariaDB config in Ubuntu and Debian binds to 127.0.0.1, so nothing is accessible outside of local host.

This sounds fairly secure to me and I don't see how running mariadb-secure-installation will further improve that. Is there something else that this script does or am I missing something? Is it something that's necessary on other distributions?

Thanks!

According to the docs, "Note that many of the reasons for the existence of this script no longer apply (and therefore the guidelines in many online tutorials....." (please read further on the link you provided) Commented Sep 16 at 16:54
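The four items the script covers, plus the bind address mentioned in the question, can be checked with read-only queries. This is an added example, not part of the original post or the MariaDB docs; it assumes MariaDB 10.4 or later (where `mysql.user` is a view) and a root session over the local socket, for example `sudo mariadb`.

```sql
-- Added example: read-only audit of the items mariadb-secure-installation
-- would change. Nothing here modifies accounts or data.

-- 1. How root authenticates: plugin and stored authentication string.
SELECT User, Host, plugin, authentication_string
FROM mysql.user
WHERE User = 'root';

-- Full authentication clause for the local root account,
-- including any alternative plugins joined with OR.
SHOW CREATE USER 'root'@'localhost';

-- 2. Root accounts defined for anything other than the local host.
--    An empty result means there is nothing for the script to remove.
SELECT User, Host
FROM mysql.user
WHERE User = 'root'
  AND Host NOT IN ('localhost', '127.0.0.1', '::1');

-- 3. Anonymous accounts (empty user name).
SELECT User, Host
FROM mysql.user
WHERE User = '';

-- 4. The test database and any database-level grants on test or test_*.
SELECT SCHEMA_NAME
FROM information_schema.SCHEMATA
WHERE SCHEMA_NAME = 'test';

SELECT Host, Db, User
FROM mysql.db
WHERE Db LIKE 'test%';

-- 5. Network exposure: the address the server listens on and whether
--    TCP networking is disabled entirely.
SHOW GLOBAL VARIABLES
WHERE Variable_name IN ('bind_address', 'skip_networking', 'port');
```

Empty results for queries 2 to 4, together with a loopback `bind_address`, correspond to the state described in the question.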
