General Security Considerations
Generally speaking, think about adopting these security principles:
- Never run the server as root. Run as an ordinary, unprivileged user.. When the MySQL server runs, it executes with the privileges of the account under which it runs. If the server runs as root, it has the root privileges, including such abilities as reading and writing files anywhere in the file system. Clients may attempt to take advantage of the server's root privileges to read privileged information or write files that modify your system. Running the server using an ordinary login account that has no special privileges minimizes this risk by preventing the server from accessing sensitive files and data.
- The MySQL data directory should only ...