Can arbitrary code run in a server if someone's know just the MySQL password?

[Ned Batchelder]

On 10/2/13 10:46 AM, Νίκος wrote:
> Στις 2/10/2013 4:58 μμ, ο/η Ned Batchelder έγραψε:
>> On 10/2/13 9:41 AM, Νίκος wrote:
>>> Στις 2/10/2013 4:25 μμ, ο/η Steven D'Aprano έγραψε:
>>>> On Wed, 02 Oct 2013 15:20:00 +0300, Νίκος wrote:
>>>>
>>>>> Is it possible for someone that knows the MYSQL password of a 
>>>>> server to
>>>>> run arbitrary code on a linux server?
>>>>
>>>> Yes, it is possible.
>>>
>>> Is that what might have happened and someone managed to upload the
>>> .html file in '~/home/nikos/www/' ?
>>>
>>> Can you think of any other way?
>>>
>>
>> As others have said in this thread, this is not a Python topic. Find
>> another forum for this question.  Do not ask it here again.
>>
>> You've said that you can improve.  Show us by not asking non-Python
>> questions here.
>>
>> --Ned.
> But i need to know what happened and how this .html file got uploaded.
> This is not a python question, but this happened from this pythons NG.
> And perhaps my python code was being utilized fo this upload to happen.
>
> I must know.
>

This is not a topic for Python-List.  We don't have answers for you, and 
you won't get answers to this question here.  If you persist in asking 
about it here, don't be surprised when people get angry with you.  This 
is anti-social behavior.

I know you are upset about your server being compromised.  I'm sorry 
about that, but it isn't on-topic here.  There are other places you can 
get help with your question.

--Ned.