MySQL Security Configuration

Starting a remote service with the root user has been a security taboo because remote attackers are most likely to gain full control of the host if there is a problem with the service program. MySQL from 3.23.15 edition
This started with a small change, the default installation service to use the MySQL user to start, do not allow the root user to start. If you want to start with the root user, you must add--user=root

Parameters (./safe_mysqld--user=root &). Because MySQL has the load DATA infile and select ... into outfile SQL statement, if the root user is started

MySQL server, the database user has the Write permission of the root user. However, MySQL has made some restrictions, such as the load DATA infile can only read the global readable files

, SELECT ... into outfile cannot overwrite files that already exist.

Local log files cannot be ignored, including shell logs and MySQL own logs. Some users log on locally or back up the database for convenience, sometimes at the command line parameter

The password for the database is taken directly from the number, such as:

Shell>/usr/local/mysql/bin/mysqldump-uroot-ptest Test>test.sql
Shell>/usr/local/mysql/bin/mysql-uroot-ptest

These commands are recorded in the history file by the shell, such as Bash writes to the user directory's. bash_history file, and if the files are inadvertently read, the password for the database is compromised.

。 SQL commands executed after the user logs in to the database are also recorded in the user directory's. mysql_history file by MySQL. If a database user modifies the database password with an SQL statement, it also

Leaked because of a. mysql_history file. So we in the shell landing and backup when not directly after-p password, but in the prompt and then enter the database password.
In addition to these two files we should also not let it record our operation, just in case.

Shell>rm. Bash_history. mysql_history
Shell>ln-s/dev/null. bash_history
Shell>ln-s/dev/null. mysql_history

The two commands at the door link the two files to the/dev/null, so our operations will not be recorded in these two files.
Some problems needing attention in programming

Regardless of the program language to write to the MySQL database program, there is a rule is never trust users to submit data!
For numeric fields, we use Query statements: SELECT * FROM table where id= ' 234 ' and do not use query statements such as SELECT * from table where id=234

。 MySQL automatically converts strings to numeric characters and goes away unless the number characters. If the user submits the data through the mysql_escape_string processing, so we can completely eliminate

SQL inject attack, for SQL inject attacks please refer to the following link article:
Http://www.spidynamics.com/papers/SQLInjectionWhitePaper.pdf
Http://www.ngssoftware.com/papers/advanced_sql_injection.pdf
The issues to be noted in various programming languages:

1 All Web programs:
A try to enter single and double quotes in the Web form to test for possible errors and find out why.
b Modify the URL parameter band%22 (' "),%23 (' # '), and%27 ('").
C for the variables of the numeric field, our application must be rigorously checked, otherwise it is very dangerous.
D check whether the data submitted by the user exceeds the length of the field.
e do not give too much access to users of your program that connect to the database.

2) PHP:
A to check whether the data submitted by the user has been addslashes before the query, and provides a function mysql_escape_string () based on the MySQL C API after the PHP 4.0.3.

3 MySQL C API:
(a) Check whether the query string is invoked with the mysql_escape_string () API.

4) mysql++:
A the query string is checked for escape and quote processing.

5) Perl DBI:
A to check whether the query string uses the quote () method.

6) Java JDBC:
A to check whether the query string uses the PreparedStatement object.

4. Some tips

1 If you inadvertently forget the MySQL root password, we can start the MySQL server with the parameter--skip-grant-tables to skip authorization table verification (./safe_mysqld

--skip-grant-tables &), so that we can directly login to the MySQL server, and then modify the root user password, restart MySQL can be used to login with the new password.

2 when the MySQL server is started with--skip-show-database, the general database user cannot browse other databases.

3 When starting the MySQL server with the--chroot=path parameter, let the mysqld daemon run in the chroot environment. This SQL statement load DATA infile and select ... Into

OutFile is limited to read and write files under Chroot_path. One thing to note here is that MySQL starts up with a mysql.sock file, which defaults to the/tmp directory. Used a

After Chroot, MySQL will be in chroot_path/tmp to build mysql.sock files, if there is no chroot_path/tmp directory or start MySQL users do not have this directory write permissions can not

Create Mysql.sock file, MySQL will fail to start. For example, we add the--chroot=/usr/local/mysql/boot parameters, then it is best to create a user to start MySQL can write
/usr/local/mysql/tmp directory, of course, we can also use--socket=path to specify the Mysql.sock file path, but this path must be in Chroot_path.

4 when the MySQL server is started, the--log-slow-queries[=file] parameter is added so that mysqld will execute the SQL command more than long_query_time write to the file. If not

The hostname-slow.log that has the specified =file,mysqld is written to the data directory by default. If only filename is specified and no path is specified, then mysqld also writes filename to

The Data directory. Through this log file we can find the execution of a lengthy query statement, and then optimize it as much as possible to reduce the burden on the MySQL server.

5 if we only need to use the MySQL service, then we can also add--skip-networking boot parameters so that MySQL does not listen to any TCP/IP connections, increase security