1、 set in my.cnf configureation file
[mysqld]
Query_chache_suze=16M
Max_allow_packet=1G
2、 set when starting server
mysqld –query_cache_size=16M –max_allowed_packet=1G
(the value can be given a suffix of K,M or G to indicate a multiplier of 1024,10242 or 10243;)
3、 use set command
(we can use the command “set” to changed while the server running.)
Such as:
Set global sort_buffer_size=1000000,SESSION sort_buffer_size=1000000;
Set @@global.sort_buffer_size=1000000,@@sort_buffer_size=1000000;
(if we change a global system variable,the value is rememberd and used for new connection until the server restarts)
一、 set session variables
1、 use set command (bug a client can change only its own session variables,not those of any client.)
2、 specify the variable when session connections
shell> mysql –max_allowed_packet=16M
3 、check the mysql version use mysql command
Such as: “rpm -qa | grep mysql”
“show variables like ‘version’”
4、 check weather the empty password in mysql.user
Such as: “select user from mysql.user where user=’’;”
5、 check the user privileges
such as : “use mysql”
“select * from user”
We can use command like “mysqladmin” or “mysql” or “mysqld” and so on to set the exec command privileges.
We should open the shell and write something like:
“which mysqladmin”
“which mysql”
“which mysqld”
And use command like “ls -al” to check their jurisdiction.
So we can use this way to limit the user’s jurisdiction
Also we can join the mysql and user the command “show variables like ‘basedir’” or command “select @@basedir” to found the mysql basedir”
6、 check the mysql.host weather exists ‘%’ or not
such as “select user from mysql.user wherr host=’%’;”
if we want to keep our sql safe ,we can use command “delete” to delete the user who have ‘%’;
7、 close the mysql remote networking
open the mysql config ,maybe is ’/etc/my.cnf’ and we can append the value “skip-networking” and restart the service to edit completed!
8、 clean the mysql command history
the mysql history always save in ‘/.mysql_history’
we can use command “cat /.mysql_history” to read the mysql history command
9、 limit the mysql basedir only allowed the mysql read & write
we can use command “show variables like ‘datadir’; ” to select the mysql directory and use command “ls -al +basedir” to show the mysql basedir’s privileges;
10、 show the data dir of the mysql
command:”show variables like ‘datadir’;”
11、 limit the mysql load local file
now we open the file “/etc/my.cnf” and append the string like:”set-variable=local-infile=0” to limit the command “load”、”DATA”、”LOCAL”、”INFILE”
12、 change the mysql log audit
we can open the mysql config file “/etc/my.cmnf” and append string like : ”err-log=/var/log/mysqld.log”
“pid-file=/var/run/mysqld/mysqld.pid”