Security

最新推荐文章于 2024-10-01 17:33:05 发布

yumushui

最新推荐文章于 2024-10-01 17:33:05 发布

阅读量393

点赞数

分类专栏： MySQL数据库文章标签： mysql

MySQL数据库专栏收录该内容

102 篇文章 0 订阅

订阅专栏

本文转载自：http://dev.mysql.com/doc/refman/5.5/en/security.html

Security

Table of Contents [+/-]

6.1 General Security Issues [+/-]

6.1.1 Security Guidelines 6.1.2 Keeping Passwords Secure 6.1.3 Making MySQL Secure Against Attackers 6.1.4 Security-Related mysqld Options and Variables 6.1.5 How to Run MySQL as a Normal User 6.1.6 Security Issues with LOAD DATA LOCAL 6.1.7 Client Programming Security Guidelines

6.2 The MySQL Access Privilege System [+/-]

6.2.1 Privileges Provided by MySQL 6.2.2 Privilege System Grant Tables 6.2.3 Specifying Account Names 6.2.4 Access Control, Stage 1: Connection Verification 6.2.5 Access Control, Stage 2: Request Verification 6.2.6 When Privilege Changes Take Effect 6.2.7 Causes of Access-Denied Errors

6.3 MySQL User Account Management [+/-]

6.3.1 User Names and Passwords 6.3.2 Adding User Accounts 6.3.3 Removing User Accounts 6.3.4 Setting Account Resource Limits 6.3.5 Assigning Account Passwords 6.3.6 Pluggable Authentication 6.3.7 Authentication Plugins Available in MySQL 6.3.8 Proxy Users 6.3.9 Using SSL for Secure Connections 6.3.10 Connecting to MySQL Remotely from Windows with SSH 6.3.11 MySQL Enterprise Audit Log Plugin 6.3.12 SQL-Based MySQL Account Activity Auditing

When thinking about security within a MySQL installation, you should consider a wide range of possible topics and how they affect the security of your MySQL server and related applications:

General factors that affect security. These include choosing good passwords, not granting unnecessary privileges to users, ensuring application security by preventing SQL injections and data corruption, and others. See Section 6.1, “General Security Issues”.
Security of the installation itself. The data files, log files, and the all the application files of your installation should be protected to ensure that they are not readable or writable by unauthorized parties. For more information, see Section 2.10, “Postinstallation Setup and Testing”.
Access control and security within the database system itself, including the users and databases granted with access to the databases, views and stored programs in use within the database. For more information, see Section 6.2, “The MySQL Access Privilege System”, and Section 6.3, “MySQL User Account Management”.
Network security of MySQL and your system. The security is related to the grants for individual users, but you may also wish to restrict MySQL so that it is available only locally on the MySQL server host, or to a limited set of other hosts.
Ensure that you have adequate and appropriate backups of your database files, configuration and log files. Also be sure that you have a recovery solution in place and test that you are able to successfully recover the information from your backups. See Chapter 7, Backup and Recovery.