目次
1. 媒介
2. Mysql账户权限安详
3. Mysql数据的网络安详设置
4. 暗码计策安详
5. Mysql日志
6. Mysql数据库处事地址主机安详设置
7. 陈设SQL注入检测、防止模块
8. mysqld安详相关启动选项
9. mysql备份计策
1. 媒介
Mysql数据库安详设置、可能叫加固属于风险模子中的一环,它需要安详人员在理论和实践的进修中不绝发明新的问题,并针对这些问题对数据的各个方面的设置举办强化。本文试图环绕着数据库风险识别、数据库安详加固这个问题,探讨可以采纳的法子来最洪流平的担保我们的数据库的安详节制处在一个较好的程度。
2. Mysql账户权限安详
mysql中存在4个节制权限的表,别离为
1. mysql.USER表
2. mysql.DB表
3. mysql.TABLES_PRIV表
4. mysql.COLUMNS_PRIV表
要留意的是,Mysql中有一个数据库"information_schema",好像内里生存的也是一些权限信息,可是要大白的是,这个数据库"information_schema"是为系统打点员提供元数据的一个轻便方法,它实际上是一个视图,可以领略为对Mysql中的一个信息的封装,对付Mysql主措施来说,身份认证和授权的信息的来历只有一个,就是"mysql"。
http://www.cnblogs.com/hzhida/archive/2012/08/08/2628826.html
0×1. mysql.USER表
select * from USER;
desc USER;
mysql> desc USER;+------------------------+-----------------------------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+------------------------+-----------------------------------+------+-----+---------+-------+
| Host | char(60) | NO | PRI | | |
| User | char(16) | NO | PRI | | |
| Password | char(41) | NO | | | |
| Select_priv | enum('N','Y') | NO | | N | |
| Insert_priv | enum('N','Y') | NO | | N | |
| Update_priv | enum('N','Y') | NO | | N | |
| Delete_priv | enum('N','Y') | NO | | N | |
| Create_priv | enum('N','Y') | NO | | N | |
| Drop_priv | enum('N','Y') | NO | | N | |
| Reload_priv | enum('N','Y') | NO | | N | |
| Shutdown_priv | enum('N','Y') | NO | | N | |
| Process_priv | enum('N','Y') | NO | | N | |
| File_priv | enum('N','Y') | NO | | N | |
| Grant_priv | enum('N','Y') | NO | | N | |
| References_priv | enum('N','Y') | NO | | N | |
| Index_priv | enum('N','Y') | NO | | N | |
| Alter_priv | enum('N','Y') | NO | | N | |
| Show_db_priv | enum('N','Y') | NO | | N | |
| Super_priv | enum('N','Y') | NO | | N | |
| Create_tmp_table_priv | enum('N','Y') | NO | | N | |
| Lock_tables_priv | enum('N','Y') | NO | | N | |
| Execute_priv | enum('N','Y') | NO | | N | |
| Repl_slave_priv | enum('N','Y') | NO | | N | |
| Repl_client_priv | enum('N','Y') | NO | | N | |
| Create_view_priv | enum('N','Y') | NO | | N | |
| Show_view_priv | enum('N','Y') | NO | | N | |
| Create_routine_priv | enum('N','Y') | NO | | N | |
| Alter_routine_priv | enum('N','Y') | NO | | N | |
| Create_user_priv | enum('N','Y') | NO | | N | |
| Event_priv | enum('N','Y') | NO | | N | |
| Trigger_priv | enum('N','Y') | NO | | N | |
| Create_tablespace_priv | enum('N','Y') | NO | | N | |
| ssl_type | enum('','ANY','X509','SPECIFIED') | NO | | | |
| ssl_cipher | blob | NO | | NULL | |
| x509_issuer | blob | NO | | NULL | |
| x509_subject | blob | NO | | NULL | |
| max_questions | int(11) unsigned | NO | | 0 | |
| max_updates | int(11) unsigned | NO | | 0 | |
| max_connections | int(11) unsigned | NO | | 0 | |
| max_user_connections | int(11) unsigned | NO | | 0 | |
| plugin | char(64) | YES | | | |
| authentication_string | text | YES | | NULL | |
| password_expired | enum('N','Y') | NO | | N | |
+------------------------+-----------------------------------+------+-----+---------+-------+