標籤:-- 超連結 故事 and from safe http get code
原創作品,允許轉載,轉載時請務必以超連結形式標明文章 原始出處 、作者資訊和本聲明。否則將追究法律責任。http://oldboy.blog.51cto.com/2561410/1321061
防止人為誤操作MySQL資料庫技巧一例
(本題來自老男孩培訓內部學生問題,屬於資料庫安全技巧)
在若干年前,老男孩親自遇到一個“命案”,老大登入資料庫update一個記錄,結果忘了加where,於是悲劇發生了,這使得我對MySQL的增量恢複熟練度遠超過其他的知識點,同時也很在意對內的資料庫安全,並且每次講課講到此處,都會給學生講這個領導的故事。
1、mysql協助說明
| 123 | [oldboy_c64 ~]# mysql --help|grep dummy -U, --i-am-a-dummy Synonym for option --safe-updates, -U.i-am-a-dummy FALSE |
在mysql命令加上選項-U後,當發出沒有WHERE或LIMIT關鍵字的UPDATE或DELETE時,mysql程式就會拒絕執行
2、指定-U登入測試
| 12345678910111213 | [oldboy_c64 ~]# mysql -uroot -poldboy123 -S /data/3306/mysql.sock -UWelcome to the MySQL monitor. Commands end with ; or \g.Your MySQL connection id is 14Server version: 5.5.32-log MySQL Community Server (GPL)Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.Oracle is a registered trademark of Oracle Corporation and/or itsaffiliates. Other names may be trademarks of their respectiveowners.Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.mysql> delete from oldboy.student;ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY columnmysql> quitBye |
提示:不加條件無法刪除,目的達到。
3、做成別名防止老大和DBA誤操作
| 12345678910111213141516 | [oldboy_c64 ~]# alias mysql=‘mysql -U‘[oldboy_c64 ~]# mysql -uroot -poldboy123 -S /data/3306/mysql.sockWelcome to the MySQL monitor. Commands end with ; or \g.Your MySQL connection id is 15Server version: 5.5.32-log MySQL Community Server (GPL)Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement.mysql> delete from oldboy.student;ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY columnmysql> delete from oldboy.student where Sno=5;Query OK, 1 row affected (0.02 sec)mysql> quitBye[oldboy_c64 ~]# echo "alias mysql=‘mysql -U‘" >>/etc/profile[oldboy_c64 ~]# . /etc/profile[oldboy_c64 ~]# tail -1 /etc/profilealias mysql=‘mysql -U‘ |
結論:
在mysql命令加上選項-U後,當發出沒有WHERE或LIMIT關鍵字的UPDATE或DELETE時,mysql程式拒絕執行
本文出自 “老男孩linux培訓” 部落格,請務必保留此出處http://oldboy.blog.51cto.com/2561410/1321061
(轉)防止人為誤操作MySQL資料庫技巧一例
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
