MySQL Reference Manual for version .

Go to the first, previous, next, last section, table of contents.

How to make MySQL secure against crackers.

To make a MySQL system secure you should think about the following:

Use passwords for all MySQL users. Remember that anyone can log in as any other person as simply as 'mysql --user other_user database'. This is common behaviour with all client/server applications. You can change the password of all users by editing the mysql_install_db script or only for the MySQL root user with:
```
mysql -u root -e "update user set password=password('new_password')
where user='root'" mysql
```
Don't start the MySQL deamon as root. mysqld can be run as any user. You can also add a new user 'mysql' to make everything even more crash-proof. You don't need to change the root user name in the 'user' table even if you run mysqld as another user, as MySQL user has nothing to do with Unix users. To start mysqld as another user, you can edit the mysql.server script to start mysqld as another user. Normally this is done with the 'su' command.
Check that only the mysqld user has read/write privileges to the database directories.
Don't give 'Process_priv' privileges to all users. Anyone can check if one changes a password with the 'mysqladmin processlist' command. mysqld saves an extra connection for a user with 'Process_priv' privileges so that a root user can log in and check things even if all normal connections are in use.
Don't give 'File_priv' to all users. If a user has this privilege he can write a file anywhere in the file system with the privileges of the mysqld daemon! To make this a bit safer, all files generated with SELECT INTO OUTFILE are generated readable by all and one can't overwrite existing files.
If you don't trust your DNS, you should use IP's instead of hostnames in the privilege tables. The --secure option to mysqld should in principle make hostnames safe. In any case one should be real careful about using wildcards with hostnames!
If you put a root password in the mysql.server script, you should make this only readable for root.

The following options to mysqld affects security:

--secure: Check that the ip that was returned from get_hostbyname resolves back to the original hostname. This is done to make it harder for someone on the outside to get access by simulating another host. This options also adds some sanity checks of hostnames. This is turned off by default since it sometimes takes a long time to check this.
--skip-grant-tables: Do not use the privilege system att all. This gives everyone full access to all databases!
--skip-name-resolve: Hostnames are not resolved. All hostnames in the privilege tables must be IP-numbers or 'localhost'.
--skip-networking: Don't allow connections over the network (TCP/IP). All connections to mysqld are done with Unix sockets. This options doesn't work very good on systems that uses MIT-pthreads as MIT-pthreads doesn't support Unix sockets.

Go to the first, previous, next, last section, table of contents.