35.4. Log Files and Security

Previous page
Table of content
Next page

Filesystem security includes the log files. You should keep the log contents secret. You don't want to expose table data by exposing the log files because they contain statements that include data values. In particular you don't want to expose account passwords that are included in statements such as CREATE USER or SET PASSWORD. To keep your log files secure, follow the data directory protection procedures outlined in Section 35.3, "Filesystem Security."

Log exposure constitutes a security risk that must be addressed by protecting the log files, but logs also play a role in enhancing security. Certain logs, if enabled, provide data security or information that is useful in the event of attack:

  • The binary log is needed for data security. It's required for recovery operations should you need to restore your databases (for example, if an attempt to compromise the server does succeed).

  • The general query log gives you information about what clients are connecting, which may be helpful in detecting instances of malicious activity and determining their source.


Previous page
Table of content
Next page
MySQL 5 Certification Study Guide
MySQL 5.0 Certification Study Guide
ISBN: 0672328127
EAN: 2147483647
Year: 2006
Pages: 312
Authors: Paul DuBois, Stefan Hinz, Carsten Pedersen
BUY ON AMAZON
CompTIA Project+ Study Guide: Exam PK0-003
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Cisco Voice Gateways and Gatekeepers
The New Solution Selling: The Revolutionary Sales Process That Is Changing the Way People Sell [NEW SOLUTION SELLING 2/E]
Special Edition Using Crystal Reports 10
Understanding Digital Signal Processing (2nd Edition)
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy