Session by Laura Thomson, OmniTI. Laura is author of a number of popular PHP and MySQL books.
Session will be on security at the developer level and is written from a programmer’s perspective.
Many developers plug along without any knowledge that they have security problems; security awareness is a relatively new thing. This session is not about guru-level knowledge; it is about developer-level practices.
MySQL Security Basics
- Do not run your mysqld as the Unix root user. Run it as a purpose-created user. Do not use the purpose-created user for anything else. The MySQL root user is not related to the Unix root user.
- Set permissions on DB data files directory so that only mysqld user can access them.
- Disable symlinks to tables with --skip-symbolic-links unless you need them.
- Disable access to port 3306 except to trusted hosts.
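The four items above can be checked mechanically. The script below is an added example, not material from the session: the function names and finding labels are hypothetical, it reads only the [mysqld] section of one option file, and it assumes that a missing or wildcard bind-address means port 3306 is reachable on every interface.

```shell
#!/bin/sh
# Added example: audit one mysqld option file and data directory.
# Function names and finding labels are hypothetical, not from the session.

# Print the last value of option $2 in the [mysqld] section of file $1.
# A bare option (no "=value") prints "1"; an absent option prints nothing.
mysqld_opt() {
    awk -v want="$2" '
        /^[ \t]*\[/ { in_sec = ($0 ~ /^[ \t]*\[mysqld\][ \t]*$/); next }
        !in_sec || /^[ \t]*[#;]/ || /^[ \t]*$/ { next }
        {
            eq = index($0, "=")
            key = eq ? substr($0, 1, eq - 1) : $0
            val = eq ? substr($0, eq + 1) : "1"
            gsub(/[ \t]/, "", key); gsub(/_/, "-", key)
            gsub(/^[ \t]+|[ \t]+$/, "", val)
            if (key == want) out = val
        }
        END { if (out != "") print out }' "$1"
}

# Print one finding per line for option file $1 and data directory $2.
audit_mysqld() {
    cnf=$1; datadir=$2
    user=$(mysqld_opt "$cnf" user)
    [ "$user" != root ] || echo "USER: mysqld is configured to run as Unix root"
    skip=$(mysqld_opt "$cnf" skip-symbolic-links)
    links=$(mysqld_opt "$cnf" symbolic-links)
    case "$skip/$links" in
        1/*|*/0|*/OFF|*/off) ;;
        *) echo "SYMLINKS: symbolic links are not explicitly disabled" ;;
    esac
    set -- $(ls -ld "$datadir")    # $1 = mode string, $3 = owner name
    bits=$(printf '%s' "$1" | cut -c5-10)
    [ "$bits" = "------" ] || echo "DATADIR: group/other bits set ($bits)"
    [ -z "$user" ] || [ "$3" = "$user" ] || echo "OWNER: $datadir owned by $3, not $user"
    # Assumption: a wildcard or missing bind-address means port 3306 is
    # reachable on every interface, so a host firewall must do the filtering.
    case $(mysqld_opt "$cnf" bind-address) in
        ''|'*'|0.0.0.0|::) echo "BIND: listens on all interfaces; filter port 3306" ;;
    esac
}
```

Call it as `audit_mysqld /path/to/my.cnf /path/to/datadir`; no output means none of the four checks fired.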