Keeping a MySQL Installation Secure
Running a MySQL database server can be a major responsibility. The greater the value of the information stored in its databases, and the greater the number of users of the system, the more emphasis you'll need to place on keeping the system secure. It can be serious, even disastrous, that the server can be shut down or its data modified by a malicious hacker. In some cases, it may be just as bad that a user can simply view data that's outside his privileges. Here are a few guidelines for good practice when securing a MySQL server.
Always run the MySQL daemon under the user mysql, never as root or as nobody (as Apache does). If you run the daemon as root, any MySQL user who has File_priv privileges will be able ...
Get Sams Teach Yourself MySQL in 21 Days, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
