MySQL in Linux Yongyan Huang Department of Computer Science Southern Illinois University Carbondale Carbondale, IL, 62901 yyhuang@cs.siu.edu
Outline What s MySQL? Installation Post Installation Setup and Testing Security Issues Common Security Problems Conclusion
What s MySQL? The MySQL database server is the world's most popular open source database. Over six million installations use MySQL to power high-volume Web sites and other critical business systems including industry-leaders like The Associated Press, Yahoo, NASA, Sabre Holdings and Suzuki.
What s MySQL? (Contd.) Low Cost High Speed Scalability Reliability.
Installation Download Server and Client Package Download MySQL server and client from http://dev.mysql.com/downloads/mysql/4.1.html MySQL-server-4.1.13-0.i386.rpm MySQL-client-4.1.13-0.i386.rpm Check MD5 checksum shell>md5sum MySQL-server-4.1.13-0.i386.rpm shell>md5sum MySQL-client-4.1.13-0.i386.rpm
Installation Install MySQLserver shell> rpm i MySQL-server-4.1.13-0.i386.rpm Install MySQL client shell> rpm i MySQL-client-4.1.13-0.i386.rpm By default, the log and database file would be installed at /var/lib/mysql. The client programs and scripts would be installed at /usr/bin. The mysqld server would be installed at /usr/sbin.
Start the MySQL Server check if the server is running Shell> ps el grep mysqld Start mysql manually Shell> /etc/rc.d/init.d/mysql start
Post Installation Setup and Testing Root users: superuser accounts that can do anything. The initial root account passwords are empty, so anyone can connect to the MySQL server as root without a password and be granted all privileges. Default users: a kind of empty username. They have no passwords, so anyone can use them to connect to the MySQL server.
Post Installation Setup and Testing (Contd.) Set Password For Root User shell:> mysql -u root mysql mysql>update user set password=password( cs591 ) where user='root';
Post Installation Setup and Testing (Contd.) [root@localhost ~]# mysql -u root -p Enter password: Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 6 to server version: 4.1.13-standard Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> mysql> select user, host, password from user; +------+-----------+-------------------------------------------+ user host password +------+-----------+-------------------------------------------+ root localhost *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B localhost +------+-----------+-------------------------------------------+ 2 rows in set (0.03 sec)
Post Installation Setup and Testing (Contd.) Delete The Default User: mysql>delete from user where host='localhost' and user='' and password=''; mysql> select user, host, password from user; +------+-----------+-------------------------------------------+ user host password +------+-----------+-------------------------------------------+ root localhost *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B +------+-----------+-------------------------------------------+ 1 row in set (0.00 sec)
Post Installation Setup and Testing (Contd.) Add new user mysql> insert into user (host, user, password) values ('localhost', 'test1', password('test1pw')); mysql> select user, host, password from mysql.user; +-------+-----------+-------------------------------------------+ user host password +-------+-----------+-------------------------------------------+ root localhost *81F5E21E35407D884A6CD4A731AEBFB6AF209E1B test1 localhost *29D25F1800631E6537F85FBF1D8B96965C7706F0 +-------+-----------+-------------------------------------------+ 2 rows in set (0.00 sec)
Post Installation Setup and Testing (Contd.) Tips: Each time you modify the users information with the command delete, update, insert ; you should restart your mysql server to make your configuration to be effective or reload the grant tables manually, issue a FLUSH PRIVILEGES statement or execute a mysqladmin flushprivileges or mysqladmin reload command. pay attention to the column host and change it if needed. If it is localhost, this user can only visit server in local machine. If the user wants to connect to server from machine 131.230.133.142 (subnet mask:255.255.255.0), then the value of the host should be changed to 131.230.133.142/255.255.255.0.
Security Issues 1) Security of the initial user accounts Including set password for root user and delete the default user or set password for the default user. 2) Security on the password use function password() to encrypt the password mysql> update user set password=password('newpassword') where user ='username' and host= 'hostname'; then the password stored in the user table would become something like *81F5E21E35407D884A6CD4A731AEBFB6AF2 09E1B
Security Issues 3)Security on the user privilege Grant <privilege> on <object> to <user> [identified by user password] [with grant] mysql> GRANT all ON *.* TO admin IDENTIFIED BY 'cs591.user' ; Give some restriction on single user mysql> GRANT Select ON customer.* TO admin IDENTIFIED BY PASSWORD 'cs591.user WITH MAX_QUERIES_PER_HOUR 20 MAX_UPDATES_PER_HOUR 10 MAX_CONNECTIONS_PER_HOUR 5; Revoke <privilege> on <object> from <user> mysql> revoke insert on student.* from admin;
Security Issues 4) Security of the grant tables There are currently 5 tables that provide access control; the user, db, host, tables_priv and columns_priv tables. These tables all vary slightly in purpose, yet all serve the same function which is to verify that the user is doing what the user is allowed to do. For example, user table determines whether or not the connecting user is allowed to connect to the server. Assuming the connection is allowable, the privilege fields contain the user's global privileges. So do not ever give anyone (except MySQL root accounts) access to the user table in the mysql database!
Security Issues 5) Using secure connections (e.g. SSL, SSH) Do not transmit plain (unencrypted) data over the Internet. This information is accessible to everyone who has the time and ability to intercept it and use it for their own purposes. Instead, use an encrypted protocol such as SSL or SSH. mysql> SHOW VARIABLES LIKE 'have_openssl'; 6) Turn down network if necessary If a database only needs to be accessed locally, TCP networking can be disabled. (/usr/bin/safe_mysqld, start up script) --skip-networking --skip-locking > > $err_log 2> &1 --skip-networking --skip-locking "$@" > > $err_log 2> &1
Security Issues
Security Issues 7)Do not trust any data entered by users of your applications SELECT * FROM usertable WHERE ID=234 or 1=1. No matter whether there is a user with ID=23 or not, the server would return all user records in the user table. Because the condition of where would always be true! This exposes every record and causes excessive server load. This is called SQL Injection attack. use apostrophes around the numeric constants: SELECT * FROM table WHERE ID='234'. If the user enters extra information, it all becomes part of the string. Select * from usertalbe where ID= 123 or 1=1 The attacker can not get anything.
Common Security Issues 1. Do not store any plain-text passwords in your database. If your computer becomes compromised, the intruder can take the full list of passwords and use them. 2. Do not choose passwords from dictionaries. There are special programs to break them. 3. Use firewall. It can protect your system from attack. MySQL uses port 3306 by default. This port should not be accessible from untrusted hosts. 4. Update your MySQL server when there is new patch. The same principle applies to the other utility packages that may be loaded on your server, such as: SSH, zlib, or wu-ftp.
Conclusion The installation is very easy, but the security configuration is not. You should take every possibility into account to make sure your database is safe!
Thank you! Questions?