|
-
August 24th, 2001, 04:52 PM
#1
Junior Member
 MySQL security
Does anyone know resources from MySQL database security resources.
Jaxn
-
August 25th, 2001, 06:31 PM
#2
Senior Member
There isn't too much on the net as far as securing MySQL. Probably because most of it is common computer security procedures. As long as you understand the privilege tables (read up on MySQL's own site), have good passwords, and don't give the password out in your database interface you should be alright.
Is there anything specific that you are interested in?
\"If you torture the data enough, it will confess.\" --Ronald Coase
-
August 27th, 2001, 04:21 PM
#3
Junior Member
When you say "don't give the password out in your database interface", what exactly do you mean. When interfacing MySQL through php you must have the username and password written in plain sight in your php code. I don't know of a way to get the source to php files from a web server, but I am worried that it is possible.
That is only the first concern that is running around my head right now. I was mainly wondering if there was a place to get some tips about securing MySQL (or SQL in general), and keeping php secure.
Thanks.
Jaxn
-
August 28th, 2001, 08:14 PM
#4
Senior Member
There shouldn't be a way to see the php source. One problem if you host with a company that has many sites on the same computer is that if you telnet in, you can see the files in other sites. So...anyone with a site could possibly get your password if you have it hardcoded in a php document. This can be a really big problem because most of the time the password for the MySQL database is the same as the account password.
\"If you torture the data enough, it will confess.\" --Ronald Coase
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
