Keep MySQL safe in front of attackers

When you connect to the MySQL server, you should use a password. The password is not transmitted over plaintext. The password handling in the client connection sequence has been upgraded in the MySQL 4.1.1 and is secure. If you still use the pre-4.1.1-style password, the encryption algorithm is not as strong as the new algorithm; Smart attackers who can steal communications between the client and the server can crack the password through some work. If the connection between the client and the server is through an untrusted network, you should use an SSH tunnel to encrypt the communication.

Other information is transmitted in text and can be read by anyone who can see the connection. If you're worried about this, you can use a compression protocol to make communications more difficult to decrypt. To make your connection more secure, you should use SSH to obtain a TCP/IP connection between the encrypted MySQL server and the MySQL client. (Note: You can also use MySQL internal OpenSSL support.) ）

For the MySQL system to be secure, you are strongly asked to consider the following recommendations:

• Use passwords for all MySQL users. The client program does not need to know the identity of the person who is running it. For client/server applications, users can specify the user name of the client program. For example, if Other_user does not have a password, anyone can simply use Mysql-u other_user db_name impersonate someone else to invoke the MySQL program to connect. If all users have a password, it is much more difficult to connect using another user's account.

To change the user's password, you should use the Set password statement. You can also update the user table in the MySQL database directly. For example, to change the password for the MySQL account for all root users.

shell> mysql -u root
mysql> UPDATE mysql.user SET Password=PASSWORD('newpwd')
　　-> WHERE User='root';
mysql> FLUSH PRIVILEGES;

• Never run a MySQL server as the root user of Unix. This is dangerous because any user with file permissions can create a file with root (for example, ~ROOT/.BASHRC). To prevent, Mysqld refuses to run with root unless it is clearly specified using the--user=root option.

You should (and should) run mysqld with a normal, unprivileged user. You can create separate MySQL accounts in Unix to make all content more secure. This account is only for managing MySQL. To start mysqld with another UNIX user, add the user option to specify the username of the [mysqld] group in the MY.CNF option file for the/ETC/MY.CNF option file or server data directory. For example:

[mysqld]
user=mysql

This command enables the server to start with the specified user, whether you start manually or through Mysqld_safe or mysql.server.

As other UNIX users without running mysqld with root, you do not need to change the root username in the user table because the user name of the MySQL account has nothing to do with the user name of the UNIX account.

• Do not allow the use of symbolic links to tables. (Can be disabled with the--skip-symbolic-links option). It is especially important if you run mysqld with root because anyone who has write access to the server's data directory can delete any file in the system!

• Ensure that mysqld runs only with UNIX users who have read or write access to the database directory.

• Do not grant process or super permissions to unmanaged users. The output of the Mysqladmin processlist displays the currently executing query body, if another user issues an update user SET Password=password (' not_secure ') query, Any user who is allowed to execute that command may see it.

MYSQLD reserved an extra connection for users with super privileges, so even if all common connections are occupied, the MySQL root user can still log in and check the server's activity.

You can terminate a client connection by using the Super permission, changing the value of the system variable to change the service's operation, and controlling the replication server.

• Do not grant file permissions to non-administrative users. Any user with this permission can write a file in a file system that has the privileges of the mysqld daemon! For more security, by select ... All files generated by into outfile are writable by everyone and you cannot overwrite files that already exist.

File permissions can also be used to read any files that can be read or accessed by UNIX users running the server. With this permission, you can read any file into the database table. This can be misused, for example, by loading "/etc/passwd" into a database table by using load data and then displaying it in select.

• If you do not trust your DNS, you should use the IP number instead of the hostname in the authorization form. In any case, you should be very careful to use the hostname containing the wildcard character to create an authorization table entry!

• If you want to limit the number of connections allowed in a single account, you can set the max_user_connections variable in mysqld to complete. The grant statement can also support resource control options to limit the range of uses that the server allows for an account.