Specifications
MySQL from the Operating System’s Point of View
It’s a bad idea to run the MySQL server (mysqld) as root if you are running a UNIX-like oper-
ating system. This gives a MySQL user with a full set of privileges the right to read and write
files anywhere in the operating system. This is an important point, easily overlooked, which
was famously used to hack Apache’s Web site. (Fortunately the crackers were “white hats”
[good guys], and the only action they took was to tighten up security.)
It’s a good idea to set up a MySQL user specifically for this purpose. In addition, you can then
make the directories (where the physical data is stored) accessible only by the MySQL user. In
many installations, the server is set up to run as userid mysql, in the mysql group.
You should also ideally set up your MySQL server behind your firewall. This way you can stop
connections from unauthorized machines—check and see whether you can connect from out-
side to your server on port number 3306. This is the default port that MySQL runs on, and
should be closed on your firewall.
Passwords
Make sure that all your users have passwords (especially root!) and that these are well chosen
and regularly changed, as with operating system passwords. The basic rule to remember here is
that passwords that are or contain words from a dictionary are a bad idea. Combinations of let-
ters and numbers are best.
If you are going to store passwords in script files, then make sure only the user whose pass-
word is stored can see that script. The two main places this can arise are
1. In the mysql.server script, you might need to use the UNIX root password. If this is the
case, make sure only root can read this script.
2. In PHP scripts that are used to connect to the database, you will need to store the pass-
word for that user. This can be done securely by putting the login and password in a file
called, for example, dbconnect.php, that you then include when required. This script can
be stored outside the Web document tree and made accessible only to the appropriate
user. Remember that if you put these details in a .inc or some other extension file in the
Web tree, you must be careful to check that your Web server knows these files must be
interpreted as PHP so that the details cannot be viewed in a Web browser.
Don’t store passwords in plain text in your database. MySQL passwords are not stored that
way, but commonly in Web applications you additionally want to store Web site member’s
login names and passwords. You can encrypt passwords (one-way) using MySQL’s PASSWORD()
or MD5() functions. Remember that if you INSERT a password in one of these formats when
you run a SELECT (to try and log a user in), you will need to use the same function again to
check the password a user has typed.
Using MySQL
P
ART II
252
14 7842 CH11 3/6/01 3:35 PM Page 252