Specifications

We will use this functionality when we come to implement the projects in Part 5, Building
Practical PHP and MySQL Projects.
User Privileges
Knowledge is power. Make sure that you understand MySQL's privilege system, and the
consequences of granting particular privileges. Don't grant more privileges to any user than she
needs. You should check this by looking at the grant tables.
In particular, don't grant the PROCESS, FILE, SHUTDOWN, and RELOAD privileges to any user other
than an administrator unless absolutely necessary. The PROCESS privilege can be used to see
what other users are doing and typing, including their passwords. The FILE privilege can be
used to read and write files to and from the operating system (including, say, /etc/passwd
on a UNIX system).
The GRANT privilege should also be granted with caution, as this allows users to share their
privileges with others.
Make sure that when you set up users, you only grant them access from the hosts that they will
be connecting from. If you have jane@localhost as a user, that's fine, but plain jane is pretty
common and could log in from anywhere, and she might not be the jane you think she is.
Avoid using wildcards in hostnames for similar reasons.
You can further increase security by using IPs rather than domain names in your host table.
This avoids problems with errors or crackers at your DNS. You can enforce this by starting the
MySQL daemon with the --skip-name-resolve option, which means that all host column
values must be either IP addresses or localhost.
Another alternative is to start mysqld with the --secure option. This checks resolved IPs to
see whether they resolve back to the hostname provided. (This is on by default from version
3.22 onward.)
You should also prevent non-administrative users from having access to the mysqladmin
program on your Web server. Because this runs from the command line, it is an issue of operating
system privilege.
Web Issues
When you connect your MySQL database to the Web, it raises some special security issues.
It's not a bad idea to start by setting up a special user just for the purpose of Web connections.
This way you can give them the minimum privilege necessary and not grant, for example,
DROP, ALTER, or CREATE privileges to that user. You might grant SELECT only on catalog tables,
and INSERT only on order tables. Again, this is an illustration of how to use the principle of
least privilege.
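The following is an added example, not code from the book. It sets up a Web-only account as described above and then audits the grant tables for the risky privileges and open hosts discussed under User Privileges. The database, table, and account names (shop, catalog, orders, webuser), the address 192.0.2.10, and the password are hypothetical placeholders.

```sql
-- Added example. Syntax shown is for MySQL 5.7/8.0; servers of the era this
-- text describes created the account with GRANT ... IDENTIFIED BY instead.
-- Hypothetical names: shop, catalog, orders, webuser, 192.0.2.10.

-- 1. Dedicated Web account, bound to a single IP address (no hostname,
--    no wildcard), so it keeps working under --skip-name-resolve.
CREATE USER 'webuser'@'192.0.2.10' IDENTIFIED BY 'REPLACE_WITH_STRONG_PASSWORD';

-- 2. Table-level grants only: read the catalog, add orders.
--    No DROP, ALTER, or CREATE, and no WITH GRANT OPTION.
GRANT SELECT ON shop.catalog TO 'webuser'@'192.0.2.10';
GRANT INSERT ON shop.orders  TO 'webuser'@'192.0.2.10';

-- 3. Confirm what the account actually ended up with.
SHOW GRANTS FOR 'webuser'@'192.0.2.10';
SELECT Host, Db, User, Table_name, Table_priv
FROM mysql.tables_priv
WHERE User = 'webuser';

-- 4. Audit: accounts holding PROCESS, FILE, SHUTDOWN, RELOAD, or GRANT
--    globally. Every row should be an administrator.
SELECT User, Host, Process_priv, File_priv, Shutdown_priv, Reload_priv, Grant_priv
FROM mysql.user
WHERE 'Y' IN (Process_priv, File_priv, Shutdown_priv, Reload_priv, Grant_priv)
ORDER BY User, Host;

-- 5. Audit: database-level DROP / ALTER / CREATE / GRANT. The Web account
--    must not appear here.
SELECT User, Host, Db, Drop_priv, Alter_priv, Create_priv, Grant_priv
FROM mysql.db
WHERE 'Y' IN (Drop_priv, Alter_priv, Create_priv, Grant_priv)
ORDER BY User, Host, Db;

-- 6. Audit: accounts that may connect from any host or from a wildcard host
--    (the "plain jane" case). '%' and '_' are wildcards in the Host column.
SELECT User, Host
FROM mysql.user
WHERE Host = '' OR LOCATE('%', Host) > 0 OR LOCATE('_', Host) > 0
ORDER BY User, Host;
```

Run the audit queries as an administrative user; reading the mysql grant tables itself requires privileges the Web account should not have.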
Advanced MySQL
CHAPTER 11