> Does anyone have any objection to me changing the mysql package to
> run as user ingres, rather than user root? This helps to close some
> security holes, since database users can be authorised to use the
> LOAD INFILE command for importing data, which allows that user to
> read any file that the user the database is running as can read.

Obviously we need to change this to some user other than root, but I'm
not convinced that ingres is the correct one to change it to. Can't we
add a mysql user as part of the package build process, in the same way
that postgresql does? Or does that make it too difficult from the binary
package point of view?

Thanks for pointing this out, Curt.