in reply to OT ~ Security: Why is a file outside the web root more secure than mySQL?
Big subject, I don't know all the answers, but I'll comment.
Security is always a compromise with usability. Nobody can memorise a new, long, and random password at short intervals. People will need to either
Any name/pass pair that is transmitted without encryption over a network can be read by any sniffers on the route. That is the weakness of telnet and FTP for managing remote accounts. The answer is to always use an SSL enabled protocol for remote connections. Administer your site via ssh and scp, and authenticate web users over https.
MySQL has varying security characteristics depending on how it's set up. It may or may not accept connections from a network. Many hosting companies only provide one password per account, forcing you to read public data over a connection with admin permissions on your database. For performance, the db server is often placed on a different machine than the web server, making connections from some subnet necessary. A compromised machine on that subnet becomes a threat to the db.
Localhost security of your home directory, outside your web root, depends entirely on secrecy of your login password. Your username is readily available to anyone with access to that machine. Use filesystem permissions to protect sensitive data there. It is occasionally necessary for cgi to write to files. Avoid that for anything sensitive if you do not have suEXEC available. If cgi runs as an unprivileged user, the directory containing the files must be publicly writable and readable.
The MySQL manual has a section on security, mostly from the DBA point of view. It will tell you what to look for in a MySQL server.
Do not rely on secrecy of identities. Usernames, db names, directory names all can be discovered, and should be regarded as public.
I haven't given any easy answers. You need to examine your site and all its operations. Decide what is sensitive. Protect it with the proper tools.
Counterpane: Crypto-Gram is a good source for healthy pessimism on network security.
After Compline,
Zaxo
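The "outside your web root, protected by filesystem permissions" advice above can be turned into a quick check. This is an added example, not Zaxo's code and not part of the original thread: a POSIX sh function that takes a credentials file and the web document root, and fails if the file sits under the web root or has any group/other permission bits set. The paths in the usage comment are assumed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): verify that a secrets file
# (e.g. a DB password file read by a CGI) lives outside the web root and
# is readable only by its owner. Hypothetical usage:
#   check_secret_file /home/me/private/db.conf /var/www/htdocs

# perm_bits FILE -> prints the octal permission bits, e.g. 600
# GNU stat uses -c, BSD/macOS stat uses -f; try GNU first.
perm_bits() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# check_secret_file FILE WEBROOT
# Returns 0 only if FILE is outside WEBROOT and has no group/other bits.
check_secret_file() {
    file="$1"
    webroot="$2"
    [ -f "$file" ] || { echo "missing: $file"; return 1; }

    # Canonicalise both paths (resolve symlinks, drop trailing slashes)
    # so a symlinked or oddly spelled path cannot fool the prefix test.
    absfile=$(cd "$(dirname "$file")" && pwd -P)/$(basename "$file")
    absroot=$(cd "$webroot" && pwd -P)

    case "$absfile" in
        "$absroot"/*) echo "INSIDE web root: $absfile"; return 1 ;;
    esac

    mode=$(perm_bits "$absfile")
    # Keep only the last two octal digits (group and other).
    go=${mode#"${mode%??}"}
    if [ "$go" != "00" ]; then
        echo "group/other permission bits set ($mode): $absfile"
        return 1
    fi
    return 0
}

# Run as a script: check_secret_file <file> <webroot>
if [ "$#" -eq 2 ]; then
    if check_secret_file "$1" "$2"; then echo "OK: $1"; fi
fi
```

The permission test deliberately rejects anything other than owner-only access, which matches the post's point that a CGI-writable directory (publicly readable and writable when there is no suEXEC) is not a place for anything sensitive.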
Replies are listed 'Best First'.

Re: Re: OT ~ Security: Why is Root More Secure Than mySQL?
by jerrygarciuh (Curate) on Sep 06, 2002 at 17:06 UTC