MySQL-5.7/8.0+ auth_socket is safe

MySQL has auth_socket as its plugin compared to unix_socket on MariaDB so accept that as a valid reason for having no authentication. MySQL [(none)]> show create user dan@localhost; +-----------------------------------------------------------------------------------------------------------------+ | CREATE USER for dan@localhost | +-----------------------------------------------------------------------------------------------------------------+ | CREATE USER 'dan'@'localhost' IDENTIFIED WITH 'auth_socket' REQUIRE NONE PASSWORD EXPIRE DEFAULT ACCOUNT UNLOCK | +-----------------------------------------------------------------------------------------------------------------+ 1 row in set (0.000 sec) MySQL [(none)]> select user,host,plugin from mysql.user; +---------------+-----------+-----------------------+ | user | host | plugin | +---------------+-----------+-----------------------+ | root | localhost | mysql_native_password | | mysql.session | localhost | mysql_native_password | | mysql.sys | localhost | mysql_native_password | | dan | localhost | auth_socket | | expiretest | % | mysql_native_password | | expiretest | localhost | mysql_native_password | +---------------+-----------+-----------------------+ 6 rows in set (0.001 sec) MySQL [(none)]> select version(); +-----------+ | version() | +-----------+ | 5.7.31 | +-----------+
2020-12-08 14:18:03 +11:00 · 2020-12-08 14:18:03 +11:00 · 79a4403c9c
commit 79a4403c9c
parent 0eef9260a8
1 changed files with 1 additions and 1 deletions
--- a/mysqltuner.pl
+++ b/mysqltuner.pl
@ -1819,7 +1819,7 @@ q{SELECT CONCAT(user, '@', host) FROM mysql.global_priv WHERE
    else {
        @mysqlstatlist = select_array
 "SELECT CONCAT(user, '\@', host) FROM mysql.user WHERE ($PASS_COLUMN_NAME = '' OR $PASS_COLUMN_NAME IS NULL)
-    /*!50501 AND plugin NOT IN ('unix_socket', 'win_socket', 'auth_pam_compat') */
+    /*!50501 AND plugin NOT IN ('auth_socket', 'unix_socket', 'win_socket', 'auth_pam_compat') */
    /*!80000 AND account_locked = 'N' AND password_expired = 'N' */";
    }
    if (@mysqlstatlist) {