On Wednesday 26 November 2003 13:43, Curley, Thomas wrote: > Mike > > Correct and this is the architecture. The internet facing box has a > routable IP, the DB box is separate and is not ext routable. > > The issue the security review highlighted strongly was the fact that if a > hacker got access to the box (however) then copying /var/lib/mysql/database > would result in a major security breach > > To the chap who siad its not a DB issue - I will check with Oracle but I'm > sure that dropping in a directory in oracle will not give you full access > to a database (a clear one that is)
In the end, it's all tradeoffs. You could put an encryption algorithm into your web interface, but then the key is public. However, cracking the DB server only gets you encrypted data. Tradeoff? Speed. Best data security practice (silly) - don't have the data in the first place. -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
