From 1bb30f508ecb68c87d6221129db402f0244bbdeb Mon Sep 17 00:00:00 2001
From: Daniel Black <daniel@mariadb.org>
Date: Tue, 8 Dec 2020 14:37:21 +1100
Subject: [PATCH] DROP USER to delete anonymous accounts

DROP USER has existed for a very long time.

Use the QUOTE sql function to ensure accounts are correctly quoted
and this helps the delete recommendation.
---
 mysqltuner.pl | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/mysqltuner.pl b/mysqltuner.pl
index 77b8745..9e3b4d6 100644
--- a/mysqltuner.pl
+++ b/mysqltuner.pl
@@ -1784,21 +1784,19 @@ sub security_recommendations {
 
     # Looking for Anonymous users
     my @mysqlstatlist = select_array
-"SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL";
+"SELECT CONCAT(QUOTE(user), '\@', QUOTE(host)) FROM mysql.user WHERE TRIM(USER) = '' OR USER IS NULL";
     debugprint Dumper \@mysqlstatlist;
 
     #exit 0;
     if (@mysqlstatlist) {
-        foreach my $line ( sort @mysqlstatlist ) {
-            chomp($line);
-            badprint "User '" . $line . "' is an anonymous account.";
-        }
         push( @generalrec,
                 "Remove Anonymous User accounts - there are "
               . scalar(@mysqlstatlist)
               . " anonymous accounts." );
-        push( @generalrec,
-                "DELETE FROM mysql.user WHERE user ='';" );
+        foreach my $line ( sort @mysqlstatlist ) {
+            chomp($line);
+            badprint "User " . $line . " is an anonymous account. Remove with DROP USER " . $line . ";";
+        }
     }
     else {
         goodprint "There are no anonymous accounts for any database users";