 |
 |
 |
| Security | |||
| Introduction | |||
| It is a fact of life, or at least of human social organization, that not all information is intended to be made available to all individuals. Thus with MySQL, a database is generally set up in such a way that not everyone can see all of the data (let alone change or delete it). In order to protect data from prying eyes (or unauthorized tampering), MySQL provides a dual access system. | |||
| The first level determines whether the user has the right to communicate with MySQL at all. The second level determines what actions (such as SELECT, INSERT, DROP) are permitted for which databases, tables, or columns. | |||
| The MySQL administrator is responsible for keeping the contents of databases secure so that only those who have the proper authorization can access records. This involves both internal and external security. | |||
| Internal security concerns the issues that arise in relation to other users who have direct access to the MySQL server host-that is, other users who have login accounts on that host. Generally, internal security exploits involve file system access, so you'll want to protect the contents of your MySQL installation from being attacked by people who have accounts on the machine on which the server runs. | |||
| In particular, the data directory should be owned and controlled by the administrative MySQL login account used for running the server. If you don't do this, your other security-related efforts may be compromised. For example, you'll want to make sure you've properly set up the accounts listed in the grant tables that control client connections over the network. | |||
| But if the access mode for the data directory contents is too permissive, someone might be able to put in place an entirely different client access policy by replacing the files that correspond to the grant tables. | |||
| External security concerns the issues involved with clients connecting from outside. It's necessary to protect the MySQL server from being attacked through connections coming in over the network asking for access to database contents. | |||
| You should set up the MySQL grant tables so they don't allow access to the databases managed by the server unless a valid name and password are supplied. Another danger is that it may be possible for a third party to monitor the network and capture traffic between the server and a client. | |||
| If this is a concern, you may want to configure your MySQL installation to support connections that use the Secure Sockets Layer (SSL) protocol. | |||
|
|||