0

Using the Chef Opscode MySql cookbook. It grants the MySQL "repl" user access using a wildcard host value.

GRANT REPLICATION SLAVE ON *.* TO 'repl'@'%' identified by *password*

Is this secure? Or is it better to update the mysql.user table with a different host?

Cœur
  • 37,241
  • 25
  • 195
  • 267
csi
  • 9,018
  • 8
  • 61
  • 81
  • 1
    Depends on what makes you feel safe. But not recommended for production use anyway, since it does not harm to be pessimistic in this case. Any moderately well managed production env will have additional filters at the firewall level, port level etc., but why make assumptions? – Litmus Oct 31 '13 at 16:28

1 Answers1

1

It's always better to fill in an exact host from where the Database can only be accessed.

Only for special occasions/tests you can temporary use a wildcard for convenience.

Jamey Diepbrink
  • 61
  • 6