Other MySQL database security problems

Abstract: This article introduces other information about MySQL server security, such as how to ensure password security, how to ensure database Directory Security, and how to use non-privileged users to start the server.

The security of the database system includes many aspects. In many cases, the database server allows the client to connect from the network, so the security of the client connection has an important impact on the security of the MySQL database.

Password is not provided on the client's command line

When you use a user identity such as mysql or mysqladmin to connect to the MySQL server, you must provide a password for the connection.

1. Provide the password on the command line

Shell> mysql-u root-pmypass

Note that there must be no space between the-p option and the password. Otherwise, you will be prompted to enter the password and report an error.

You can also use the long format

Shell> mysql-user = root-password = mypass

Now you can examine the consequences:

On Unix, $ ps-aux | grep mysql

On win9x, you can press Ctrl + Alt + Del. On NT, you can open the task manager.

What did you find? The password is clearly displayed in front of you. So you should never do that at any time.

So you need to ask the client to prompt your password:

Shell> mysql-u root-p

You can also use the option file to provide a password, but note that you cannot store the password in the option file for security purposes. You can only provide the password option so that the client prompts you to enter the password.

Use SSH to encrypt client connections

This is a note (David Carlson) about how to use SSH to obtain a secure connection to a remote MySQL server ).

Install SSH on your windows Server-I use a free SSH client. Other useful links:

.

Start SSH. Set host name = Your MySql server name or IP address, set userid = your user name to log on to your server.

Click "local forwords ". Set local port: 3306, host: localhost, remote port: 3306

Save everything, otherwise you will have to do it again next time.

Log on to your server using SSH.

Start ODBC applications (such as Access ).

Create a new file and use the ODBC driver to link to mySQL, just as you usually do, except for using the user "localhost" on the server ".

Done. It works well for a direct Internet connection.

Do not run the MySQL daemon using Unix root users

Do not run the MySQL daemon as a Unix root user. Mysqld can run as any user, and you can create a new Unix user mysql to make everything safer. If you run mysqld as another Unix user, you do not need to change the root user name in the user table because the MySQL user name has nothing to do with the Unix user name.

You can edit the mysql. server startup script mysqld as other Unix users. Or use the option file. For details about how to use a non-root user to start the MySQL server, see Chapter 2.

Database Directory Security

The MySQL server provides an authorization table in the mysql database to implement a flexible permission system, ensuring the security of data access from the network. However, if other users on the server host have direct access to the server directory, the data on your server is still insecure.

Generally, you may use a non-privileged Unix user to execute the daemon. Check that the Unix user running mysqld is the only user with read/write permissions under the database directory.

Possible Security Vulnerabilities

Obviously, you will not allow other users on the server host to have write access to database directory files, but it is also very dangerous to only read access.

Because queries such as GRANT and set password are recorded in logs, the regular and updated log files contain sensitive query texts related to passwords. If an attacker has read access to these logs, he can easily find the plaintext of the PASSWORD by searching for sensitive words such as GRANT or PASSWORD in the log file.

Reading and accessing table files is also very dangerous. It is trivial to steal files and make MySQL and display table content in plain text. Perform the following steps:

1. install a new MySQL distribution, either on another host or on the current server host, use different ports, sockets, and data files from the official server.

2. copy the file of the stolen table to the test directory in the new service database directory.

3. Then you can start the crime server and access the contents of the stolen table at will.

Set appropriate database directory permissions on Unix

To eliminate these security vulnerabilities, You need to arrange the database directory and ownership of all the files and directories in it. Yes, only the dedicated account of the startup server can access them. The procedure is as follows:

1. Switch to the root user

$ Su

2. Set the ownership of the database directory and all the file directories to the account running the server. In this book, assume that this account is mysql and set all the groups as the root group.

% Chown-R mysql: root DATADIR

3. Modify the database directory and all file directories to allow only the owner to read and write data.

% Chmod-R go-rwx DATADIR

Set appropriate database directory permissions in the NT System

The security of the database directory in the NT system may be relatively simple:

The reader may think that changing all directory files to only one account administrator, for example, can be read and written. However, there is a problem, that is, you can manually start an independent server in the administrator account. If you enable the mysql System Service to start automatically, the solution is to enable the database directory to be read and written by users in the administrators group, so that the MySQL server can be automatically started using the system service method or using net start mysql in any account.

Another problem is that if you are not in the administrators group or cannot establish a database connection from the network, because you do not have the permission to read the database directory, if you want to use it properly, the write permission is also required. The solution is to enable SYSTEM group users to read and write database directories.

We recommend that you use MySQL on a Linux server for testing or data entry on Windows. However, if you want to use it on Windows, pay attention to the content in this section.

Mysqld options that affect security

The following mysqld options affect security:

-- Secure

The IP number returned by the gethostbyname () system call is checked to ensure that they are resolved back to the original host name. This makes it harder for some outsiders to obtain access permissions by imitating other hosts. This option also adds some clever host name checks. In MySQL3.21, It is disabled by default because it sometimes takes a long time to execute reverse resolution. MySQL 3.22 caches the Host Name and enables this option by default.

-- Skip-grant-tables

This option causes the server to not use the permission system at all. This gives everyone the right to fully access all databases! (By executing mysqladmin reload, you can tell a running server to start using the authorization table again .)

-- Skip-name-resolve

The host name is not resolved. The column values of all hosts in the authorization table must be IP numbers or localhosts.

-- Skip-networking

TCP/IP connections are not allowed on the network. All connections to mysqld must be made through Unix sockets. This option is not suitable for systems that use MIT-pthreads, because the MIT-pthreads package does not support Unix sockets.