Can anyone speak to how secure this is in general, and what measures need to be taken (besides securing the password)?
For example, the default setting allows any Dreamhost machine to query the MySQL database. Does that mean the DBs are vulnerable to dictionary attacks?
Also, is the MySQL password sent unencrypted from the webserver (running PHP or similar) to the MySQL server? If so, is it possible that a compromised machine on the network could snoop the password?