[nycphp-talk] MySQL security
John Adair
jadair at adairservices.net
Sun May 18 00:20:28 EDT 2003
I can't seem to find my my.cnf file. I know mysql is up and running.
phpmyadmin can access it and all. How do I figure out where the my.cnf file
(if by another name) is the actual configuration file in use.
Do you have any other security advice?
-----Original Message-----
From: Hans Zaunere [mailto:zaunere at yahoo.com]
Sent: Saturday, May 17, 2003 9:38 PM
To: NYPHP Talk
Subject: Re: [nycphp-talk] MySQL security
--- Susan Shemin <shemin.sr at verizon.net> wrote:
> How secure is a MySQL database?
Very.
> I'm putting together a new site (with
> individual logins), and I want to market the site on the basis that their
> data will be secure, and no one can hack into it. Can I say this with
> using MySQL?
Certainly.
That said, MySQL's security depends on proper setup and use of it's
permissions system, as is the case with any other database. And, if you
will
only be accessing the DB from the local system, set MySQL not to listen on a
public socket with the disable-tcp configuration option in my.cnf.
An advantage that MySQL has is it's Open Source development model. While I
realize that some would suggest Open Source is a security weakness,
especially in MySQL's I don't think this is so. There are thousands of eyes
on the MySQL codebase, constantly auditing it and trying to weed out any
issues.
H
>
> Susan
>
>
>
>
>
>
--- Unsubscribe at http://nyphp.org/list/ ---
More information about the talk
mailing list