Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Featured Database Articles

MySQL

Posted Oct 11, 1999

Privileged MySQL - Page 3

By Aaron Weiss

Prudently speaking, we need to take a few moments to consider the security model implemented in MySQL. After all, the MySQL server listens to a network port, and thus anyone could conceivably connect to the server. But you probably don't wish any random person to be able to query your database or, worse, write to your database, adding or deleting data. MySQL uses a security model based on usernames, password, and privileges quite similar to Unix's own security model.

An individual accessing the MySQL server has three identifying traits: a username, a password, and an originating host. When you assign privileges with MySQL, they are matched to the combination of a guest's username, password, and host. Sensible enough. For instance, you may wish to require that user "NiceGuy" with the password "ToughPass" connecting from any host in the nice.net domain, has read-only access to a database. There are actually quite a few possible permutations of these privileges ... you can read the whole mindnumbing treatise in the MySQL manual's Privilege System documentation.

When you first install MySQL it is insecure, as the root account has no password. So your first act should be to create a root password. Do remember that these MySQL user accounts are in no way connected to the user accounts in your Unix system, they are simply similar in nature. You'll find in mysql/bin a utility named mysqladmin, which is a quick way to access certain administrative functions of the server (you can also use the mysql/bin/mysql interactive client but the commands are longer). So, create a new root password:

/path/to/mysql/bin/mysqladmin -u root password new_password

For example:

/usr/local/mysql/bin/mysqladmin -u root password my!dog#99

Remember this root password, since it is the key to your master account with which you can administrate all your MySQL databases, and create, remove, or modify other MySQL access accounts.



MySQL Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 




Latest Forum Threads
MySQL Forum
Topic By Replies Updated
MySQL in high availability and transction secure banking application klamor 1 August 28th, 10:24 AM
MySQL rollback UAL225 1 August 28th, 10:15 AM
Browsing a DB file that uses MySql finleytech 1 July 26th, 10:51 AM
php cookie won't pass variable to next page ITdevGirl 0 June 22nd, 12:13 PM