The security of the host where the MySQL database is located is the top priority. If the host is insecure and controlled by attackers, the security of MySQL cannot be discussed. The second is the security of data directories and data files, that is, permission settings. Therefore, MySQL database security configuration is crucial.
The security of the host where the MySQL database is located is the top priority. If the host is insecure and controlled by attackers, the security of MySQL cannot be discussed. The second is the security of data directories and data files, that is, permission settings. Therefore, MySQL database security configuration is crucial.
1. Preface:
MySQL database is a fully networked cross-platform relational database system and a distributed database management system with a client/server architecture. It has the advantages of strong functions, ease of use, convenient management, fast operation speed, strong security and reliability. Users can use many languages to write programs that access the MySQL database, especially PHP, it is widely used. The security configuration of the MySQL database is also necessary. The security of information in the current MySQL database is often threatened, so security configuration is essential.
Because MySQL is a multi-platform database, its default configuration should be considered to be applicable in various circumstances, so further security reinforcement should be carried out in our own use environment. As a MySQL System Administrator, we have the responsibility to maintain the data security and integrity of the MySQL database system.
The security configuration of the MySQL database must begin with two aspects: Internal Security of the system and external network security. In addition, we will briefly introduce some precautions and tips for programming.
2. Internal System Security
First, we will briefly introduce the directory structure of the MySQL database. After MySQL is installed and the mysql_db_install script is run, the data directory and database initialization will be established. If we use the MySQL source code package and the installation directory is/usr/local/mysql, the data directory is usually/usr/local/mysql/var. The database system is composed of a series of databases, each containing a series of database tables. MySQL creates a database directory in the data directory with the database name. Each database table uses the database table name as the file name, put the three files with the extension MYD, MYI, and frm in the database directory.
The MySQL authorization table provides flexible permission Control for database access. However, if a local user has the permission to read database files, attackers only need to package and copy the database directories, copy it to the data directory of your local machine to access the stolen database. Therefore, the security of the MySQL host is the top priority. If the host is insecure and controlled by attackers, the security of MySQL cannot be discussed. The second is the security of data directories and data files, that is, permission settings.
From the perspective of some old binary distributions on the MySQL main site, the attribute of the data directory in version 3.21.xx is 775, which is very dangerous. Any local user can read the data directory, therefore, database files are insecure. In version 3.22.xx, the attribute of the data directory is 770, which is also dangerous. Local Users in the same group can both read and write data, so data files are not secure. The attribute of the Data Directory of 3.23.xx is 700, which is better. Only the user who starts the database can read and write the database files, ensuring the security of local data files.
If the user who starts the MySQL database is mysql, the following directories and files are safe. Pay attention to the data directory and the following attributes:
Shell> ls-l/usr/local/mysql
Total 40
Drwxrwxr-x 2 root 4096 Feb 27 20:07 bin
Drwxrwxr-x 3 root 4096 Feb 27 :07 include
Drwxrwxr-x 2 root 4096 Feb 27 :07 info
Drwxrwxr-x 3 root 4096 Feb 27 :07 lib
Drwxrwxr-x 2 root 4096 Feb 27 :07 libexec
Drwxrwxr-x 3 root 4096 Feb 27 :07 man
Drwxrwxr-x 6 root 4096 Feb 27 :07 mysql-test
Drwxrwxr-x 3 root 4096 Feb 27 :07 share
Drwxrwxr-x 7 root 4096 Feb 27 20:07 SQL-Scripts
Drwx ------ 4 mysql 4096 Feb 27 var
Shell> ls-l/usr/local/mysql/var
Total 8
Drwx ------ 2 mysql 4096 Feb 27 mysql
Drwx ------ 2 mysql 4096 Feb 27 test
Shell> ls-l/usr/local/mysql/var/mysql
Total 104
-Rw ------- 1 mysql 0 Feb 27 20:08 columns_priv.MYD
-Rw ------- 1 mysql 1024 Feb 27 columns_priv.MYI
-Rw ------- 1 mysql 8778 Feb 27 columns_priv.frm
-Rw ------- 1 mysql 302 Feb 27 db. MYD
-Rw ------- 1 mysql 3072 Feb 27 db. MYI
-Rw ------- 1 mysql 8982 Feb 27 db. frm
-Rw ------- 1 mysql 0 Feb 27 20:08 func. MYD
-Rw ------- 1 mysql 1024 Feb 27 func. MYI
-Rw ------- 1 mysql 8641 Feb 27 func. frm
-Rw ------- 1 mysql 0 Feb 27 20:08 host. MYD
-Rw ------- 1 mysql 1024 Feb 27 host. MYI
-Rw ------- 1 mysql 8958 Feb 27 host. frm
-Rw ------- 1 mysql 0 Feb 27 20:08 tables_priv.MYD
-Rw ------- 1 mysql 1024 Feb 27 tables_priv.MYI
-Rw ------- 1 mysql 8877 Feb 27 tables_priv.frm
-Rw ------- 1 mysql 428 Feb 27 user. MYD
-Rw ------- 1 mysql 2048 Feb 27 user. MYI
-Rw ------- 1 mysql 9148 Feb 27 user. frm
If the owner and attributes of these files are not the same, use the following two commands to correct them:
Shell> chown-R mysql. mysql/usr/local/mysql/var
Shell> chmod-R go-rwx/usr/local/mysql/var
Starting remote services with the root user has always been a security taboo, because if the service program encounters problems, remote attackers are very likely to gain full control of the host. MySQL has made minor changes since version 3.23.15. After installation by default, the service should be started by mysql users, and root users are not allowed to start the service. If you have to use the root user for startup, you must add the -- user = root parameter (./safe_mysqld -- user = root &). MySQL has the SQL statements of LOAD DATA INFILE and SELECT... INTO OUTFILE. If the root user starts the MySQL server, the database user has the write permission of the root user. However, MySQL still imposes some restrictions. For example, load data infile can only read globally readable files, and SELECT... into outfile cannot overwrite existing files.
Local log files cannot be ignored, including shell logs and MySQL logs. Some users log on to or back up the database locally for convenience, and sometimes directly include the database password in the command line parameters, such:
Shell>/usr/local/mysql/bin/mysqldump-uroot-ptest test> test. SQL
Shell>/usr/local/mysql/bin/mysql-uroot-ptest
These commands are recorded by shell in history files. For example, bash will write the. bash_history file in the user directory. If these files are accidentally read, the database password will be leaked. The SQL commands executed after you log on to the database are also recorded in the. mysql_history file in the user directory by MySQL. If the database user uses an SQL statement to modify the Database Password, The. mysql_history file will also leak. Therefore, do not add a password after-p during shell login and backup. Instead, enter the database password after prompt.
In addition, we should not allow these two files to record our operations, just in case.
Shell> rm. bash_history. mysql_history
Shell> ln-s/dev/null. bash_history
Shell> ln-s/dev/null. mysql_history
These two commands link these two files to/dev/null, so our operations will not be recorded in these two files.