Planet MySQL Planet MySQL: Meta Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 1

Displaying posts with tag: principle of least privilege (reset)

A Long Overdue Database Security Rant
+0 Vote Up -0Vote Down

I've been dealing with a security product from a security company in recent days that breaks best practices with respect to the database configuration. This has reminded me of the list of issues I've seen over the past six months that have raised my ire. I'll rail mostly at products that use SQL Server as the back-end, but I'll save the last example for one that uses MySQL. It's not the database products that are weak. It's the application implementation on them!

Case #1: Don't EVER use SA and don't enable the network if you don't have to!

This said security product recommends the use of SQL Server if you are using it on over 1,000 users. Okay, no problem. It wants its own instance. Okay... that raises a flag in and of itself. Is performance really that bad? Well, no, not



  [Read more...]
Showing entries 1 to 1

Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.