Sheraz <[EMAIL PROTECTED]> wrote:
> How can i achieve Security acpect in mysql?
> How secure can we make transactions over internet for
> 3306 ?
Use SSL.
--
For technical support contracts, goto https://order.mysql.com/?ref=ensita
This email is sponsored by Ensita.net http://www.ensita
Thank you Victoria and Mikhail.
thanks a lot
Victoria Reznichenko <[EMAIL PROTECTED]> wrote:
Timotius Alfa wrote:
>
> Hi All,
>
> I'm newbie in MYSQL. Would please tell me about Mysql Security ?
>
> I used Windows2000 for mysql server.
>
Privilege system of MySQL is described in the fo
Timotius Alfa <[EMAIL PROTECTED]> wrote:
>
> Hi All,
>
> I'm newbie in MYSQL. Would please tell me about Mysql Security ?
>
> I used Windows2000 for mysql server.
>
Privilege system of MySQL is described in the following section of the manual:
http://www.mysql.com/doc/en/Privilege_s
Hi,
> I'm newbie in MYSQL. Would please tell me about Mysql Security ?
Generally you can find a lot of information about MySQL on
http://www.mysql.com/doc/en/
About your question you can read here:
http://www.mysql.com/doc/en/Privilege_system.html
Mikhail.
- Original Message -
From:
In your "user" table in the mysql database, remove all the lines that allow
logins from other hosts.
mysql> use mysql
mysql> delete from user where host <> "localhost;
mysql> flush privileges;
-ms
-Original Message-
From: Mel [mailto:[EMAIL PROTECTED]
Sent: Saturday, April 05, 2003 9:3
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
On Thu, 19 Dec 2002, Michael Widenius wrote:
> With 'DROP DATABASE database_name'.
> Through the depricated client function 'mysql_drop_db()'.
>
> The first case works correct but in the second case the grant check
> is not done. I tracked this
http://iConnect.de>
Heesestr. 6, 12169 Berlin (Germany)
Telefon: +49 30 7970948-0 Fax: +49 30 7970948-3
- Original Message -
From: "Csongor Fagyal" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, December 18, 2002 11:33 AM
Subject: Re: MySQL sec
18, 2002 5:34 AM
> To: [EMAIL PROTECTED]
> Subject: Re: MySQL security flaws uncovered
>
>
> Michael She wrote:
>
> > It's bad for business : )
> >
> > Maybe they're taking the MS route.
>
> I second this. These vulnerabilities are serious, t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
thanks for your message.
On Wed, 18 Dec 2002, Gary Huntress wrote:
> I'd like to add to the "security flaw" thread with my own experience. I
> have been hosting MySQL databases for over 2 years and on a few
> occasions have had user databases di
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 18 Dec 2002, Csongor Fagyal wrote:
> Michael She wrote:
>
> > It's bad for business : )
> > Maybe they're taking the MS route.
>
> I second this. These vulnerabilities are serious, they must be given
> more attention. Apache, PHP, RedHat and s
Michael She wrote:
It's bad for business : )
Maybe they're taking the MS route.
I second this. These vulnerabilities are serious, they must be given
more attention. Apache, PHP, RedHat and so on and so on are very careful
with issues like this, all vulnerabilities/exploits are immediately
p
It's bad for business : )
Maybe they're taking the MS route.
At 12:19 AM 12/18/2002 -0500, Michael Bacarella wrote:
A good question posted to another list..
forwarded message follows
> Several vulnerabilities have been found in the MySQL database system, a
> light database package c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 18 Dec 2002, Michael Bacarella wrote:
> A good question posted to another list..
>
> forwarded message follows
>
> > Several vulnerabilities have been found in the MySQL database system,
> > a light database package commonly used in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
On Tue, 17 Dec 2002, Jannie Qu wrote:
> I got the following information. Does any one of you know whether it
> will impact my MySQL db server or not: Version 3.23.53 with InnoDB on
> Mac OS Darwin Kernel Version 6.2. If it does, what's the soluti
On Tue, Jul 16, 2002 at 02:51:59PM +0200, Mathias Bertelsen wrote:
> Hello
>
> Do you think MySQL is secure enough to keep peoples bookkeeping in?
> is it safe enough to use without risk of losing important data? Is
> it necessary to do anything to make it secure? (eg. use of
> transactions/backu
We use MySQL to store financial data and have never had a problem.
The things you mentioned (transactions/backup/power failure security) should
be used with ANY database that stores critical information that cannot be
lost. No database is completely bullet proof. Regular backups stored at an
of
On Tue, 16 Apr 2002, David Ayliffe wrote:
> Are MySQL really going to give you details of their past security
> 'issues'?
>
> Think about it. Try going underground and looking on some exploit
> sites.
>
> DA
>
>
> >
> Hi,
> I'm working on security breaches in MySQL. Can someone guide me i
Are MySQL really going to give you details of their past security
'issues'?
Think about it. Try going underground and looking on some exploit
sites.
DA
>
Hi,
I'm working on security breaches in MySQL. Can someone guide me in this.
To be precise can you tell me about some literature, some
- Original Message -
From: <[EMAIL PROTECTED]>
To: Michael Vejs <[EMAIL PROTECTED]>
Sent: Friday, February 22, 2002 12:45 PM
Subject: Re: MySQL security on Win2k server ??
> Your message cannot be posted because it appears to be either spam or
> simply off topic
rtigas Center
Pasig City
Tel: (632) 634-5141/ (632) 634-5140
Fax: (632) 634-5139
- Original Message -
From: "Gerald R. Jensen" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, January 08, 2002 11:25 AM
Subject: Re: mySQL security
> Dear "- -&quo
Dear "- -":
I would revoke all permissions for dummy, then create new permissions for
users on a database-by-database basis. If you look at the syntax for GRANT
in the manual, you can stipulate which databases a user would have access
to.
A word of caution: don't use root. Create a user for your
> Hi!
>
> On Oct 28, Kevin Maynard wrote:
> > I have been building an extensive dB with MySQL for a large Insurance
> > Company and am nearing the completion stage. I have build several PHP
> > forms to show the preliminary pages to the various groups who will be
> > using this dB.
> >
> > I have
Hi!
On Oct 28, Kevin Maynard wrote:
> I have been building an extensive dB with MySQL for a large Insurance
> Company and am nearing the completion stage. I have build several PHP
> forms to show the preliminary pages to the various groups who will be
> using this dB.
>
> I have created the
Have you tried something like
SELECT User,Password from user where (User=$ID AND Password($PW)=password);
ie. equate the result of password("string") to the stored, encrypted,
password
Regards
Quentin
-Original Message-
From: Kevin Maynard [mailto:[EMAIL PROTECTED]]
Sent: Monday, 29 O
> The fact that he has logged on should not require him to specify
> password again.
This fact means: when a user is logged in, he is allowed to use the
mysql-server:
use this one:( every logged -on -user on localhost has all rights to
every base and table without pw)
GRANT USAGE ON *.*
TO "
-- Forwarded message --
Date: Thu, 26 Jul 2001 13:15:06 -0400 (EDT)
From: sachin shetty <[EMAIL PROTECTED]>
To: Christian Grimm <[EMAIL PROTECTED]>
Subject: Re: Mysql Security
Thanks Christian
But when a user connects to the server isnt it mandatory to specify
On Fri, 8 Jun 2001, nyon wrote:
> I installed MySQL on Windows NT.
> Currently, I login in using annoyomous user.
> I can't seem to login in as root user.
> The syntax is : mysql -u root -p xxx
With the above command mysql thinks you are trying to access
database xxx using a password to be spec
I installed MySQL on Windows NT.
Currently, I login in using annoyomous user.
I can't seem to login in as root user.
The syntax is : mysql -u root -p xxx
It's seems funny as I can see the root password in the MySQL database --> user table.
Any help ?
Nyon
TED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: MySQL Security
>
> > Make sure that the files are not world readable.
>
> In Linux system, In order to run CGI in PERL script, that perl script
> must be 755. It is read by any users and Perl is written in text format, so
&
Taing Nguon wrote:
>
> > Make sure that the files are not world readable.
>
> In Linux system, In order to run CGI in PERL script, that perl script
> must be 755. It is read by any users and Perl is written in text format, so
> Its is easy to know user and password of MYSQL. How do you think
"Taing Nguon" <[EMAIL PROTECTED]> wrote:
>
> > Make sure that the files are not world readable.
>
> In Linux system, In order to run CGI in PERL script, that perl script
> must be 755. It is read by any users and Perl is written in text format, so
No entirely true. The reason the files are
> Make sure that the files are not world readable.
In Linux system, In order to run CGI in PERL script, that perl script
must be 755. It is read by any users and Perl is written in text format, so
Its is easy to know user and password of MYSQL. How do you think about
this?Need More HELP
> I would think that if the user does not have grant options set on the
> particular DB in the mysql.db table, then he would not be able to access
it
> using DBI, even if he is a local user.
I have already tried to do it by myself. and I found that although any user
has no MYSQL user's account,
Make sure that the files are not world readable.
On Tue, 3 Apr 2001, Taing Nguon wrote:
> Date: Tue, 3 Apr 2001 09:52:30 +0700
> From: Taing Nguon <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: MySQL Security
>
> Dear sir or madam
>
> MySQL user's account is not related to user's a
Taing Nguon wrote:
>
> Dear sir or madam
>
> MySQL user's account is not related to user's account on Linux System, so they
>can be different.
>
> My problem is that I use perl DBI to interact MySQL server as belows:
>
> --
> use DBI;
> $dbh = DBI->connect("DBI:mysql:DatabaseName","$u
Hi!
On Jan 15, Nicolas GREGOIRE wrote:
>
>
> Sergei Golubchik a Ucrit :
> >
> > Hi!
> >
> > On Jan 12, JoUo Gouveia wrote:
> > > Hi,
> > >
> > > I believe i've found a problem in MySql. Here are some test's i've made in
> > > 3.22.27 x86( also tested on v3.22.32 - latest stable, although i didn't
Sergei Golubchik a écrit :
>
> Hi!
>
> On Jan 12, João Gouveia wrote:
> > Hi,
> >
> > I believe i've found a problem in MySql. Here are some test's i've made in
> > 3.22.27 x86( also tested on v3.22.32 - latest stable, although i didn't
> > debug it, just tested to see if crashes ).
>
> Confirm
Hi!
On Jan 12, João Gouveia wrote:
> Hi,
>
> I believe i've found a problem in MySql. Here are some test's i've made in
> 3.22.27 x86( also tested on v3.22.32 - latest stable, although i didn't
> debug it, just tested to see if crashes ).
Confirmed up to latest 3.23
This will be fixed ASAP!
Th
38 matches
Mail list logo
