Sams MySQL Tutorial Dec 2003 ISBN 0672325845

DOCUMENT INFORMATION

Pages: 10
Size: 274.96 KB

Contents

How the Privilege System Works in Practice

In Chapter 11, "Managing User Privileges," we discussed user account creation, granting and revoking privileges, and the grant tables. We will begin this chapter by discussing how your MySQL server applies the privileges you have granted.

There are two stages to the privilege system. In the first stage, MySQL checks whether a user is allowed to connect to the server at all. The user table in the mysql database is used for this purpose. MySQL looks up your username and password as entered, and the host from which you are trying to connect, to see whether there is a matching row. If no row matches, you will not be able to connect to the server.

Because the user table supports wildcards in the host column, a user/hostname combination may match more than one row. MySQL determines which row is relevant by matching the most specific hostname first. For example, if there are rows in the table for user test from host localhost and user test from host % (meaning any host), then the localhost row will be selected. Note that these two rows can have different passwords. This can cause a great deal of confusion. (We will look at an example of this in the section "Deleting Anonymous Accounts," later in this chapter.)
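The following is an added example, not code from the Sams MySQL Tutorial: a small Python model of the first-stage check described above. It sorts a constructed copy of the user table so that the most specific Host value comes first (blank User sorting after a named User within the same host), picks the first row whose Host and User match the incoming connection, and only then compares the password. It reproduces the "laura at any host versus anonymous at localhost" collision that the "Deleting Anonymous Accounts" section works through, and shows that removing the anonymous rows is what makes laura's login succeed. The rows, host names and passwords are constructed, the specificity ranking is a simplification of the server's real ordering, and SHA-1 stands in for MySQL's own PASSWORD() hash.

```python
import hashlib
import re
from dataclasses import dataclass


@dataclass(frozen=True)
class UserRow:
    """One row of mysql.user (constructed stand-in: Host, User, hashed Password)."""
    host: str
    user: str
    password_hash: str


def hash_password(plain: str) -> str:
    # Stand-in for PASSWORD(); the real hash algorithm is irrelevant to the matching rule.
    return hashlib.sha1(plain.encode()).hexdigest()


def host_matches(pattern: str, host: str) -> bool:
    """Host column uses SQL LIKE wildcards: '%' = any run, '_' = one char, '' = any host."""
    if pattern == "":
        return True
    regex = "".join(".*" if c == "%" else "." if c == "_" else re.escape(c) for c in pattern)
    return re.fullmatch(regex, host) is not None


def specificity(row: UserRow) -> tuple:
    """Sort key: most specific Host first, then named User before anonymous (blank) User.

    Simplified ranking (assumption): literal host < host containing a wildcard < '%' < ''.
    """
    if row.host == "":
        host_rank = 3
    elif row.host == "%":
        host_rank = 2
    elif "%" in row.host or "_" in row.host:
        host_rank = 1
    else:
        host_rank = 0
    user_rank = 1 if row.user == "" else 0
    return (host_rank, user_rank)


def find_matching_row(rows, user: str, host: str):
    """First stage: the first row (in specificity order) whose Host and User match wins.

    A blank User matches any supplied username, which is exactly why anonymous rows bite.
    """
    for row in sorted(rows, key=specificity):
        if host_matches(row.host, host) and row.user in ("", user):
            return row
    return None


def connect(rows, user: str, host: str, password: str) -> str:
    """Simulate the connection check: pick the row, then compare the password of that row."""
    row = find_matching_row(rows, user, host)
    if row is None or row.password_hash != hash_password(password):
        return "Access denied"
    who = row.user or "(anonymous)"
    return f"connected as '{who}'@'{row.host}'"


def without_anonymous(rows):
    """The effect of `delete from user where User=''` followed by FLUSH PRIVILEGES."""
    return [r for r in rows if r.user != ""]


# Constructed user table: the default-style anonymous rows plus root and laura@%.
GRANT_TABLE = [
    UserRow("localhost", "root", hash_password("r00t-pw")),
    UserRow("%", "laura", hash_password("laura-pw")),
    UserRow("localhost", "", hash_password("")),  # anonymous, blank password
    UserRow("%", "", hash_password("")),          # anonymous, blank password
]


if __name__ == "__main__":
    # laura from a remote host: no anonymous row is more specific, so laura@% is chosen.
    print(connect(GRANT_TABLE, "laura", "db1.example.net", "laura-pw"))
    # laura from localhost: ''@'localhost' outranks 'laura'@'%', password mismatch, denied.
    print(connect(GRANT_TABLE, "laura", "localhost", "laura-pw"))
    # Anyone from localhost with no password gets in through the anonymous row.
    print(connect(GRANT_TABLE, "nobody", "localhost", ""))
    # After deleting the anonymous rows, laura's localhost login resolves to laura@%.
    print(connect(without_anonymous(GRANT_TABLE), "laura", "localhost", "laura-pw"))
```

Running the script prints the four outcomes in order: a successful remote login, the puzzling "Access denied" from localhost, an anonymous login with an empty password, and the successful localhost login once the anonymous rows are gone.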
The second stage applies when you try to execute specific queries or commands. MySQL checks each query against the grant tables before it is executed. If the query you are trying to execute requires a global privilege, such as doing a LOAD DATA INFILE or trying to use SHOW PROCESSLIST, the user table will be checked. For database-specific queries, the user table will be checked first. If the user has the privilege on all databases, this will be sufficient. If not, then the db and host tables are checked. If the user does not have the privilege at this level, then if any table- or column-level privileges are set, these will be checked last.

Chapter 11: Managing User Privileges

One of MySQL's strengths is its advanced user privilege system. In this chapter, we'll discuss user account creation, the different privileges available, and how these privileges are represented within MySQL tables. We'll cover the following:

    Creating user accounts with GRANT and REVOKE
    Privilege levels
    Understanding the privilege tables

Deleting Anonymous Accounts

MySQL creates some anonymous accounts that require no username to log in. We recommend that you delete these. The reasons behind this are covered in detail in Chapter 15, "Securing Your MySQL Installation," in the section "Deleting Anonymous Accounts."
You can get rid of these accounts by typing this:

    use mysql;
    delete from user where User='';
    delete from db where User='';
    flush privileges;

Chapter 15: Securing Your MySQL Installation

In this chapter we'll discuss general security issues you should consider when running MySQL. Although we cannot be comprehensive in the space of a single chapter, we will give you a list of the most important don'ts. We will cover the following:

    How the privilege system works in practice
    Securing accounts
    Securing your installation files
    Filtering user data
    Other tips

Securing Accounts

There are a few general security principles that apply to the management of user accounts in MySQL. We will look at these next.

Setting the Password for the Root Account

When you install MySQL, the root password is not set by default. You absolutely must set this password before using MySQL in anything other than a purely experimental environment. Without the root password set, anyone can log in and do anything he wants to your data. In virtually all cases, this is a very bad thing. If you have not done so already, set this password immediately.

Deleting Anonymous Accounts

When you install MySQL on Windows, it automatically creates some accounts for you. On Linux, this happens when you run the mysql_install_db script. Two of these accounts are anonymous; they represent the account you get when you don't specify a username. One has a host value of localhost and the other % (any other host, so effectively any remote connection). These accounts have no passwords set by default. You can probably already see where we're going with this, but we strongly recommend that you delete these accounts. You can do this as shown here (run against the mysql database, as in the listing above):

    delete from user where User='';
    delete from db where User='';

You will need to follow this with a FLUSH PRIVILEGES statement so that the server reloads the grant tables; until then the deleted rows remain in effect for new connections.

The second reason to do this is that these accounts can cause confusion when regular users try to log in. If you create an account for, let's say, username laura at any host (%), then when laura tries to connect from localhost, the MySQL server looks for matching entries in the user table. It has laura@% and (anonymous)@localhost. Because MySQL matches the most specific hostname first, the matching row is (anonymous)@localhost. Note that although laura has supplied a username, this doesn't matter! The anonymous accounts don't require a username. This anonymous account is likely to have a different password from laura's account (by default, the password is blank, meaning the user should not supply one). This means that when laura tries to log in with her username and password from localhost, she will get an Access Denied error for no obvious reason. Again, the best way to avoid this problem is to delete these accounts and forget about them.

Dangerous Privileges

MySQL has a very fine-grained privilege system, as we discussed in Chapter 11. You must be very careful about to whom you grant some of these privileges. The specific ones to be most careful of are FILE, PROCESS, and WITH GRANT OPTION.

The FILE privilege allows users to LOAD DATA INFILE (and, equally, to write files on the server with SELECT ... INTO OUTFILE). Because the server process itself reads the file, this can be manipulated to load in any file the server can read (such as the password file /etc/passwd) or even database data files, effectively circumventing the privilege system. The PROCESS privilege allows users to SHOW PROCESSLIST. This reveals the queries being executed at any given time, which may reveal confidential information about one user to another. The WITH GRANT OPTION privilege allows a user to share his privileges with others. As long as you know this and understand the consequences, you can grant this privilege cautiously. In every case, check what an account actually holds with SHOW GRANTS before assuming it is limited to what you intended.

Passwords and Encryption

MySQL user passwords are stored in one-way hashed form (the book calls this "encrypted"). Before version 4.1, you could use the stored password hash itself to log in. This has now been fixed and the password and login mechanism have been made more secure. If you are writing an application that stores (non-MySQL) usernames and passwords, we recommend that you use something other than the PASSWORD() function to hash them. The book recommends MD5() or ENCRYPT() instead. Note that this is 2003 advice: both are fast and MD5() is unsalted, so for application password storage today a deliberately slow, salted password hashing function is the accepted choice. See Chapter 8, "Using MySQL Built-In Functions with SELECT," for a further discussion of these functions.

Chapter 8: Using MySQL Built-In Functions with SELECT

MySQL has a wide variety of built-in operators and functions that can be useful for writing queries. Most of these are for use in the SELECT and WHERE clauses. There are also some special grouping functions for use in the GROUP BY clause. We have already used the basic comparison operators and the count() and max() functions. A vast number of functions are available. In this chapter, we take a tour of the most useful ones. This book is not trying to be a function reference by any means; we are just trying to give you a feel for the types of functionality available. We will cover the following:

    Operators
    Control flow functions
    String functions
    Numeric functions
    Date and time functions
    Cast functions
    Other functions
    Functions for use with GROUP BY clauses

One important point to note is that, in MySQL, any expression containing NULL will evaluate to NULL, with a few exceptions we will note as we go along. We will discuss this further in the section on comparison operators.

In this chapter, we will make some use of the SELECT statement without any tables. We can use SELECT as a basic calculator. For example, if we type

    select 2+2;

we will get the result

    +-----+
    | 2+2 |
    +-----+
    |   4 |
    +-----+
    1 row in set (0.42 sec)

We can execute any expression without tables and have access to a full range of math and other operators and functions. Although the capability to execute 2+2 is trivial, the capability to do math at the SELECT level is not always so. For example, this lets you perform financial analysis of values in tables and display the results in a report. In all MySQL expressions, you can use parentheses to control the order in which subexpressions are evaluated, as you would in any programming language. We will begin by looking at the operators ...

Posted: 26/03/2019, 17:13
