l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2004 Mar 15 10:05

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Simple MySQL security [was mysql: printing allusers and databases]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Simple MySQL security [was mysql: printing allusers and databases]



On Mon, 2004-03-15 at 09:03, Peter Jay Salzman wrote:
> thanks tim,
> 
> i'll give it a try.  i have to say, i'm a little disheartened with
> mysql.  i just want it to "work" and be secure.
Simple MySQL security is achievable if you utilize the security
features of Linux.
> 
> from reading the docs, it _appears_ (although it doesn't say explicitly)
> that not only does each username have a password, each user has a
> password for each hostname.  so 'root'@'localhost' may have a different
> password than 'root'@'someotherhost'.  that's just too bizarre for my
> mind.
I maintain my own user table (myuser for example) and access
MySQL as user=root. Moreover, I place root's password in a
file in "/etc" and remove all permissions except for the owner.
The executables that access MySQL then read the password from
this file.

Currently, all accesses to the executables are limited to port 80 using
CGI. So no special permissions need to be placed on the
executables. However, if I were to grant shell accounts for users,
I would set the SUID bit with "chmod u+s" to allow the
executables to safely read the password file.

> 
<snip>

_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!