35.1. Security Issues


Information stored in MySQL databases must be kept secure to avoid exposing data that MySQL users expect to be private. Risks to a MySQL installation come in several forms:

  • Operating system security risks. MySQL usually is administered using a login account dedicated to that purpose. However, the server machine might host other login accounts as well, and those accounts have the potential for being used against the MySQL installation. Minimizing the number of accounts not related to MySQL minimizes this risk.

  • Filesystem security risks. Database information is stored in directories and files, and the server also maintains log files that contain information about queries that clients execute. Because these directories and files are part of the filesystem, they need to be protected so that other users who have login accounts on the server host cannot access them directly. A MySQL installation also includes the programs and scripts used to manage and access databases. Users need to be able to run some of these (such as the client programs), but should not be able to modify or replace them. This means that MySQL programs need to be protected appropriately as well.

  • Network security risks. The MySQL server provides access to databases by allowing clients to connect over the network and make requests. Information about client accounts is stored in the mysql database. Each account should be set up with privileges that provide access only to the data the account needs to see or modify. Accounts also should be assigned passwords to make it difficult for people to connect to the server using someone else's account. For example, a MySQL root account has full privileges to perform any database operation, so it's important to assign the account a password that is not easily guessed.

The following sections discuss techniques that an administrator can use to maintain the integrity of a MySQL installation.

The directories and files of a MySQL installation can be protected by changing their ownership and access permissions before running the server, but setting passwords for the MySQL root accounts can be done only while the server is running. Consequently, before starting the server and setting passwords, you should take any actions necessary to protect MySQL-related portions of the filesystem. If you set the passwords first before protecting the files in which the grant tables are stored, it's possible for someone with direct filesystem access on the server host to replace the grant tables. This compromises your MySQL installation and undoes the effect of setting the passwords.



MySQL 5 Certification Study Guide
MySQL 5.0 Certification Study Guide
ISBN: 0672328127
EAN: 2147483647
Year: 2006
Pages: 312

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net