Database Firewall
The most impressive feature of MySQL security is the Database Firewall. The firewall works with a fairly simple process. You record the queries on a certain database system for a certain time-frame and then add the queries to a white-list. After this period you lock the firewall and the system only allows these queries and rejects all others. This means that the spreadsheet Controllers are less a threat to data leakages. Since they only allow them to get the data they need and not the whole schema. (It is my personal opinion that connecting excel to a database via JDBC is fundamentally wrong).
Via the database firewall you limit the queries executed on the system to the legitimated list and avoid SQL injection. Technical background about the MySQL Database Firewall is available in this excellent blog by Tony Darnell.
Source:https://dev.mysql.com/doc/refman/5.6/en/firewall.html
Do you want additional information on MySQL security. Then I can advise the following documents from Oracle and the video by Mike Frank of the MySQL team.
摘自:https://technology.amis.nl/2015/09/25/mysql-database-security-mysql-database-firewall/
扫一扫
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
