2017-08-20 11:46 UTC

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0004129Kali Linux[All Projects] Kali Package Bugpublic2017-08-07 18:26
Reportermuts 
Assigned Torhertzog 
PrioritynormalSeverityminorReproducibilityhave not tried
StatusassignedResolutionopen 
Product Version2017.1 
Target Version2017.2Fixed in Version 
Summary0004129: Mysql sever contains a root mysql user authorized from aphrodite.kali.org
DescriptionThe Mysql sever in the Kali ISO (and consequently in HD installs) contains a root mysql user authorized from aphrodite.kali.org.
Additional Informationaphrodite.kali.org is the machine where we build our i386/amd64 ISOs.

It might be that the mysql package is setting this itself on installation... there is a debconf prompt for the root password and its default value is an empty string. While it probably should be set to root@localhost, it might to be taking the build server hostname instead.

The mysql server is not enabled by default. When enabled, listens on the loopback device unless the mysql configuration file is explicitly set to listen on the external interface.
Attached Files

-Relationships
+Relationships

-Notes

~0006963

muts (administrator)

Last edited: 2017-08-02 19:26

View 3 revisions

Unable to replicate on a fully updated kali-rolling instance, or an azure instance.

MariaDB [(none)]> select user,host from mysql.user;
+------+-----------+
| user | host |
+------+-----------+
| root | localhost |
+------+-----------+
1 row in set (0.00 sec)

MariaDB [(none)]>


What additional info can you provide? Kali version, architecture, etc, would help a lot.

~0006964

muts (administrator)

Unable to replicate on Kali 2017.1.

~0006965

radu.stanescu (reporter)

I was able to reproduce it on deployment from vm or iso downloaded before June 2017 of Kali 2017.1 but up-to-date.
On the latest ISO / VM downloaded from the website the issue is not anymore..

~0006974

rhertzog (administrator)

Is there any need to investigate this further since our latest release seems to be no longer be affected by the issue?
+Notes

-Issue History
Date Modified Username Field Change
2017-08-02 18:31 muts New Issue
2017-08-02 18:31 muts Status new => assigned
2017-08-02 18:31 muts Assigned To => rhertzog
2017-08-02 18:57 muts Additional Information Updated View Revisions
2017-08-02 19:26 muts Note Added: 0006963
2017-08-02 19:26 muts Note Edited: 0006963 View Revisions
2017-08-02 19:26 muts Note Edited: 0006963 View Revisions
2017-08-02 19:34 muts Note Added: 0006964
2017-08-02 19:49 muts Additional Information Updated View Revisions
2017-08-02 22:23 radu.stanescu Note Added: 0006965
2017-08-07 15:35 rhertzog Note Added: 0006974
+Issue History