The MySQL File Structure Revisited

Previous page
Table of content
Next page

As previously noted, MySQL stores its databases and tables in a simple structureeach database is a directory, and each table is an .frm file with other associated files depending on the storage engine used for the table.

One consequence of this is that if attackers can create files in a database directory, they can create arbitrary tables and data. Another, more serious point is that you should ensure that operating system users other than the MySQL user cannot see the mysql directory. If a user can list the contents of the user .MYD file, he will have all users' password hashes. In versions prior to 4.1, knowledge of the password hash is all that's needed for authenticating.


Previous page
Table of content
Next page
Database Hacker's Handbook. Defending Database Servers
The Database Hackers Handbook: Defending Database Servers
ISBN: 0764578014
EAN: 2147483647
Year: 2003
Pages: 156
Authors: David Litchfield, Chris Anley, John Heasman, Bill Grindlay
BUY ON AMAZON
Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
VBScript Programmers Reference
Junos Cookbook (Cookbooks (OReilly))
.NET System Management Services
Quartz Job Scheduling Framework: Building Open Source Enterprise Applications
MPLS Configuration on Cisco IOS Software
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy