COMMAND

    mysql

SYSTEMS AFFECTED

    Systems running mysql 3.21

PROBLEM

    Mike Uttech found following.  mysqld creates a world readable  log
    file  that  contains  the  passwords  for  the  users if they were
    INSERT'd into the user  database.  If you  chmod the log files  to
    600, it will keep them at 600 even if you restart mysqld.  If  you
    remove  the  logfile,  then  restart  mysqld  it will recreate the
    logfile with 644.

        [zipoff data]# cat *.log | grep PASSWORD
        981225 22:50:58    371 Query     INSERT INTO user (host,user,password)
        VALUES('localhost','zipoff',PASSWORD('th1si5acrypt1cpa55w0rd'))

SOLUTION

    This is a known misfeature in MySQL 3.21.  This if fixed in  MySQL
    3.22.