Securing Your Installation Files


In addition to setting up MySQL accounts securely, you must control access to the MySQL binaries, scripts, and data files. This section gives some recommendations for doing so on your system.

Don't Run mysqld as Root

This is a recommendation for Linux and other Unix-like operating systems. Do not be tempted to run the MySQL server (mysqld) from the root user account. Just as you would if you were running a Web server, create a special user account for running the MySQL server. This way you can restrict the access privileges that the MySQL server has to the file system.

Access and Privileges Under Your Operating System

There is no point in spending time setting up user accounts in MySQL correctly if you cannot control file access in your operating system. You need to control user access to the MySQL binaries, scripts, and, in particular, the data directory. A common source of security holes involves users who have legitimate access to the machine where your MySQL server resides but not to, say, other users' databases. If these users can access the data directory, they can copy the data files and load them into another MySQL server.

Generally speaking, you want to ensure that the following safeguards are in place:

  • Only appropriate users can run mysqld. You can restrict this to the user you have created for the purpose of running mysqld.

  • Only appropriate users have access to MySQL's associated programs and scripts, such as mysqladmin, mysqldump, and mysqlhotcopy. You may want to determine this on a program-by-program basis.

  • Only appropriate users can access the MySQL data directory. If the server is running as user mysql, this user will need access to the directory. Access for any other users is optional and is therefore generally best denied.
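
One way to check these safeguards on a Linux or Unix-like host, as an added example that is not part of the original text. The function names are hypothetical, the data directory path and the server account are passed as arguments because they vary by installation (the account defaults to mysql, as in the text), and the process check assumes that ps reports the server's command name as mysqld.

```sh
#!/bin/sh
# Added example: audit a MySQL data directory against the safeguards above.
# Usage: sh audit.sh DATADIR [RUN_USER]   (both values are site-specific)

# Paths under $1 that are not owned by user $2.
wrong_owner() {
    find "$1" ! -user "$2" -print
}

# Paths under $1 with any permission bit set for "other" (symlinks skipped,
# since their own mode bits are not what controls access).
world_accessible() {
    find "$1" ! -type l \( -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Running mysqld processes owned by root (empty output means none).
mysqld_as_root() {
    ps -e -o user= -o comm= | awk '$1 == "root" && $2 == "mysqld"'
}

# Return 0 when the data directory passes both file checks, 1 otherwise.
# A find error (unknown user, unreadable subdirectory) counts as a failure,
# so an incomplete audit is never reported as a pass.
audit_datadir() {
    datadir=$1 run_user=$2 status=0
    if [ ! -d "$datadir" ]; then
        echo "FAIL: $datadir is not a directory"
        return 1
    fi
    if ! found=$(wrong_owner "$datadir" "$run_user" 2>&1) || [ -n "$found" ]; then
        printf 'FAIL: ownership check for %s:\n%s\n' "$run_user" "$found"
        status=1
    fi
    if ! found=$(world_accessible "$datadir" 2>&1) || [ -n "$found" ]; then
        printf 'FAIL: accessible to other users:\n%s\n' "$found"
        status=1
    fi
    return $status
}

# Run the audit only when a data directory is given on the command line.
if [ "$#" -gt 0 ]; then
    rc=0
    audit_datadir "$1" "${2:-mysql}" || rc=1
    if [ -n "$(mysqld_as_root)" ]; then
        echo "FAIL: mysqld is running as root"
        rc=1
    fi
    exit $rc
fi
```

Run it as a user that can read the whole data directory, otherwise the permission errors from find are themselves reported as failures.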



MySQL Tutorial
ISBN: 0672325845
EAN: 2147483647
Year: 2003
Pages: 261
