Author: paul
Date: 2006-01-28 06:52:53 +0100 (Sat, 28 Jan 2006)
New Revision: 1074
Log:
r6798@frost: paul | 2006-01-27 19:32:00 -0600
General revisions.
Modified:
trunk/
trunk/refman-4.1/database-administration.xml
trunk/refman-5.0/database-administration.xml
trunk/refman-5.1/database-administration.xml
Property changes on: trunk
___________________________________________________________________
Name: svk:merge
- b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:6796
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:2588
+ b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:6798
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:2588
Modified: trunk/refman-4.1/database-administration.xml
===================================================================
--- trunk/refman-4.1/database-administration.xml 2006-01-28 00:43:31 UTC (rev 1073)
+++ trunk/refman-4.1/database-administration.xml 2006-01-28 05:52:53 UTC (rev 1074)
@@ -1436,11 +1436,11 @@
</para>
<para>
- If this is enabled, a user can't create new users by using
- the <literal>GRANT</literal> statement, if the user
- doesn't have the <literal>INSERT</literal> privilege for
- the <literal>mysql.user</literal> table or any column in
- the table.
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement, if
+ the user doesn't have the <literal>INSERT</literal>
+ privilege for the <literal>mysql.user</literal> table or
+ any column in the table.
</para>
</listitem>
@@ -6568,7 +6568,7 @@
<para>
The number of physical reads of a key block from disk. If
- <literal>Key_reads</literal> is big, then your
+ <literal>Key_reads</literal> is large, then your
<literal>key_buffer_size</literal> value is probably too
small. The cache miss rate can be calculated as
<literal>Key_reads</literal>/<literal>Key_read_requests</literal>.
@@ -6678,7 +6678,7 @@
</para>
<para>
- The number of free memory blocks in query cache.
+ The number of free memory blocks in the query cache.
</para>
</listitem>
@@ -6688,7 +6688,7 @@
</para>
<para>
- The amount of free memory for query cache.
+ The amount of free memory for the query cache.
</para>
</listitem>
@@ -6698,7 +6698,7 @@
</para>
<para>
- The number of cache hits.
+ The number of query cache hits.
</para>
</listitem>
@@ -6708,7 +6708,7 @@
</para>
<para>
- The number of queries added to the cache.
+ The number of queries added to the query cache.
</para>
</listitem>
@@ -6718,8 +6718,8 @@
</para>
<para>
- The number of queries that were deleted from the cache
- because of low memory.
+ The number of queries that were deleted from the query
+ cache because of low memory.
</para>
</listitem>
@@ -6741,7 +6741,7 @@
</para>
<para>
- The number of queries registered in the cache.
+ The number of queries registered in the query cache.
</para>
</listitem>
@@ -6761,7 +6761,7 @@
</para>
<para>
- The number of statements that have been sent to the
+ The number of statements that clients have sent to the
server.
</para>
</listitem>
@@ -6807,8 +6807,8 @@
<para>
The number of joins that used ranges on the first table.
- (it is normally not critical even if this is big.) This
- variable was added in MySQL 3.23.25.
+ This is normally not critical issue even if the value is
+ quite large. This variable was added in MySQL 3.23.25.
</para>
</listitem>
@@ -6843,8 +6843,9 @@
</para>
<para>
- The number of temporary tables currently open by the slave
- SQL thread. This variable was added in MySQL 3.23.29.
+ The number of temporary tables that the slave SQL thread
+ currently has open. This variable was added in MySQL
+ 3.23.29.
</para>
</listitem>
@@ -6902,10 +6903,11 @@
</para>
<para>
- The number of merge passes the sort algorithm has had to
- do. If this value is large, you should consider increasing
- the value of the <literal>sort_buffer_size</literal>
- system variable. This variable was added in MySQL 3.23.28.
+ The number of merge passes that the sort algorithm has had
+ to do. If this value is large, you should consider
+ increasing the value of the
+ <literal>sort_buffer_size</literal> system variable. This
+ variable was added in MySQL 3.23.28.
</para>
</listitem>
@@ -6976,7 +6978,7 @@
<para>
The number of times that a table lock could not be
acquired immediately and a wait was needed. If this is
- high, and you have performance problems, you should first
+ high and you have performance problems, you should first
optimize your queries, and then either split your table or
tables or use replication. This variable was added in
MySQL 3.23.33.
@@ -9536,7 +9538,7 @@
<para>
MySQL uses security based on Access Control Lists (ACLs) for all
connections, queries, and other operations that users can
- attempt to perform. There is also some support for SSL-encrypted
+ attempt to perform. There is also support for SSL-encrypted
connections between MySQL clients and servers. Many of the
concepts discussed here are not specific to MySQL at all; the
same general ideas apply to almost all applications.
@@ -9581,20 +9583,19 @@
<para>
Try <literal>mysql -u root</literal>. If you are able to
connect successfully to the server without being asked
- for a password, then <emphasis>anyone</emphasis> can
- connect to your MySQL server as the MySQL
- <literal>root</literal> user with full privileges.
- Review the MySQL installation instructions, paying
- particular attention to the information about setting a
- <literal>root</literal> password. See
+ for a password, anyone can connect to your MySQL server
+ as the MySQL <literal>root</literal> user with full
+ privileges! Review the MySQL installation instructions,
+ paying particular attention to the information about
+ setting a <literal>root</literal> password. See
<xref linkend="default-privileges"/>.
</para>
</listitem>
<listitem>
<para>
- Use the <literal>SHOW GRANTS</literal> statement to see
- who has access to what. Then use the
+ Use the <literal>SHOW GRANTS</literal> statement to
+ check which accounts have access to what. Then use the
<literal>REVOKE</literal> statement to remove those
privileges that are not necessary.
</para>
@@ -9609,22 +9610,23 @@
your computer becomes compromised, the intruder can take the
full list of passwords and use them. Instead, use
<literal>MD5()</literal>, <literal>SHA1()</literal>, or some
- other one-way hashing function.
+ other one-way hashing function and store the hash value.
</para>
</listitem>
<listitem>
<para>
- Do not choose passwords from dictionaries. There are special
- programs to break them. Even passwords like
+ Do not choose passwords from dictionaries. Special programs
+ exist to break passwords. Even passwords like
<quote>xfish98</quote> are very bad. Much better is
<quote>duag98</quote> which contains the same word
<quote>fish</quote> but typed one key to the left on a
- standard QWERTY keyboard. Another method is to use the first
- characters of each word in a sentence. For example,
- <quote>Mhall</quote> is taken from <quote>Mary had a little
- lamb.</quote> This is easy to remember and type, but
- difficult to guess for someone who does not know it.
+ standard QWERTY keyboard. Another method is to use a
+ password that is taken from the first characters of each
+ word in a sentence (for example, <quote>Mary had a little
+ lamb</quote> results in a password of <quote>Mhall</quote>).
+ The password is easy to remember and type, but difficult to
+ guess for someone who does not know the sentence.
</para>
</listitem>
@@ -9649,12 +9651,13 @@
untrusted hosts. Another simple way to check whether or
not your MySQL port is open is to try the following
command from some remote machine, where
- <literal>server_host</literal> is the host on which your
- MySQL server runs:
+ <replaceable>server_host</replaceable> is the hostname
+ or IP number of the host on which your MySQL server
+ runs:
</para>
<programlisting>
-shell> <userinput>telnet server_host 3306</userinput>
+shell> <userinput>telnet <replaceable>server_host</replaceable> 3306</userinput>
</programlisting>
<para>
@@ -9662,8 +9665,8 @@
port is open, and should be closed on your firewall or
router, unless you really have a good reason to keep it
open. If <command>telnet</command> hangs or the
- connection is refused, this is good; this means that the
- port is blocked.
+ connection is refused, the port is blocked, which is how
+ you want it to be.
</para>
</listitem>
@@ -9677,7 +9680,7 @@
escaped character sequences in Web forms, URLs, or whatever
application you have built. Be sure that your application
remains secure if a user enters something like
- <quote><literal>; DROP DATABASE mysql;</literal>.</quote>
+ <quote><literal>; DROP DATABASE mysql;</literal></quote>.
This is an extreme example, but large security leaks and
data loss might occur as a result of hackers using similar
techniques, if you do not prepare for them.
@@ -9820,6 +9823,12 @@
<listitem>
<para>
+ Ruby DBI: Use placeholders.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Java JDBC: Use a <literal>PreparedStatement</literal>
object and placeholders.
</para>
@@ -9840,8 +9849,9 @@
and ability to intercept it and use it for their own
purposes. Instead, use an encrypted protocol such as SSL or
SSH. MySQL supports internal SSL connections as of version
- 4.0.0. SSH port-forwarding can be used to create an
- encrypted (and compressed) tunnel for the communication.
+ 4.0. Another technique is to use SSH port-forwarding to
+ create an encrypted (and compressed) tunnel for the
+ communication.
</para>
</listitem>
@@ -9891,34 +9901,30 @@
connection. Password handling during the client connection
sequence was upgraded in MySQL 4.1.1 to be very secure. If you
are using an older version of MySQL, or are still using
- pre-4.1.1-style passwords, the encryption algorithm is less
- strong and with some effort a clever attacker who can sniff the
- traffic between the client and the server can crack the
- password. (See <xref linkend="password-hashing"/>, for a
- discussion of the different password handling methods.) If the
- connection between the client and the server goes through an
- untrusted network, you should use an SSH tunnel to encrypt the
- communication.
+ pre-4.1.1-style passwords, the encryption algorithm is not as
+ strong as the newer algorithmm With some effort, a clever
+ attacker who can sniff the traffic between the client and the
+ server can crack the password. (See
+ <xref linkend="password-hashing"/>, for a discussion of the
+ different password handling methods.)
</para>
<para>
- All other information is transferred as text that can be read by
- anyone who is able to watch the connection. If you are concerned
- about this, you can use the compressed protocol (in MySQL 3.22
- and above) to make traffic much more difficult to decipher. To
- make the connection even more secure, you should use SSH to
- obtain an encrypted TCP/IP connection between a MySQL server and
- a MySQL client. You can find an Open Source SSH client at
- <ulink url="http://www.openssh.org/"/>, and a commercial SSH
- client at <ulink url="http://www.ssh.com/"/>.
+ All other information is transferred as text, and can be read by
+ anyone who is able to watch the connection. If the connection
+ between the client and the server goes through an untrusted
+ network, and you are concerned about this, you can use the
+ compressed protocol (in MySQL 3.22 and above) to make traffic
+ much more difficult to decipher. You can also use MySQL's
+ internal SSL support to make the connection even more secure in
+ MySQL 4.0 and up. See <xref linkend="secure-connections"/>.
+ Alternatively, use SSH to get an encrypted TCP/IP connection
+ between a MySQL server and a MySQL client. You can find an Open
+ Source SSH client at <ulink url="http://www.openssh.org/"/>, and
+ a commercial SSH client at <ulink url="http://www.ssh.com/"/>.
</para>
<para>
- If you are using MySQL 4.0 or newer, you can also use internal
- OpenSSL support. See <xref linkend="secure-connections"/>.
- </para>
-
- <para>
To make a MySQL system secure, you should strongly consider the
following suggestions:
</para>
@@ -9927,59 +9933,49 @@
<listitem>
<para>
- Use passwords for all MySQL users. A client program does not
- necessarily know the identity of the person running it. It
- is common for client/server applications that the user can
- specify any username to the client program. For example,
- anyone can use the <command>mysql</command> program to
- connect as any other person simply by invoking it as
+ Require all MySQL accounts to have a password. A client
+ program does not necessarily know the identity of the person
+ running it. It is common for client/server applications that
+ the user can specify any username to the client program. For
+ example, anyone can use the <command>mysql</command> program
+ to connect as any other person simply by invoking it as
<literal>mysql -u <replaceable>other_user</replaceable>
<replaceable>db_name</replaceable></literal> if
<replaceable>other_user</replaceable> has no password. If
- all users have a password, connecting using another user's
+ all account have a password, connecting using another user's
account becomes much more difficult.
</para>
<para>
- To change the password for a user, use the <literal>SET
- PASSWORD</literal> statement. It is also possible to update
- the <literal>user</literal> table in the
- <literal>mysql</literal> database directly. For example, to
- change the password of all MySQL accounts that have a
- username of <literal>root</literal>, do this:
+ For a discussion of methods for setting passwords, see
+ <xref linkend="passwords"/>.
</para>
-
-<programlisting>
-shell> <userinput>mysql -u root</userinput>
-mysql> <userinput>UPDATE mysql.user SET Password=PASSWORD('<replaceable>newpwd</replaceable>')</userinput>
- -> <userinput>WHERE User='root';</userinput>
-mysql> <userinput>FLUSH PRIVILEGES;</userinput>
-</programlisting>
</listitem>
<listitem>
<para>
- <emphasis>Do not run the MySQL server as the Unix
- <literal>root</literal> user</emphasis>. This is very
- dangerous, because any user with the <literal>FILE</literal>
- privilege is able to create files as <literal>root</literal>
- (for example, <literal>~root/.bashrc</literal>). To prevent
- this, <command>mysqld</command> refuses to run as
- <literal>root</literal> unless specified explicitly using
- the option <option>--user=root</option>.
+ Never run the MySQL server as the Unix
+ <literal>root</literal> user. This is extremely dangerous,
+ because any user with the <literal>FILE</literal> privilege
+ is able to cause the server to create files as
+ <literal>root</literal> (for example,
+ <literal>~root/.bashrc</literal>). To prevent this,
+ <command>mysqld</command> refuses to run as
+ <literal>root</literal> unless that is specified explicitly
+ using the <option>--user=root</option> option.
</para>
<para>
<command>mysqld</command> can (and should) be run as an
ordinary, unprivileged user instead. You can also create a
separate Unix account named <literal>mysql</literal> to make
- everything even more secure. Use the account only for
- administering MySQL. To start <command>mysqld</command> as
- another Unix user, add a <literal>user</literal> option that
- specifies the username to the <literal>[mysqld]</literal>
- group of the <filename>/etc/my.cnf</filename> option file or
- the <filename>my.cnf</filename> option file in the server's
- data directory. For example:
+ everything even more secure. Use this account only for
+ administering MySQL. To start <command>mysqld</command> as a
+ different Unix user, add a <literal>user</literal> option
+ that specifies the username in the
+ <literal>[mysqld]</literal> group of the
+ <filename>my.cnf</filename> option file where you specify
+ server options. For example:
</para>
<programlisting>
@@ -10007,12 +10003,13 @@
<listitem>
<para>
- Do not allow the use of symlinks to tables. (This can be
- disabled with the <option>--skip-symbolic-links</option>
- option.) This is especially important if you run
- <command>mysqld</command> as <literal>root</literal>,
- because anyone having write access to the server's data
- directory then could delete any file in the system! See
+ Do not allow the use of symlinks to tables. (This capability
+ can be disabled with the
+ <option>--skip-symbolic-links</option> option.) This is
+ especially important if you run <command>mysqld</command> as
+ <literal>root</literal>, because anyone that has write
+ access to the server's data directory then could delete any
+ file in the system! See
<xref linkend="symbolic-links-to-tables"/>.
</para>
</listitem>
@@ -10030,11 +10027,12 @@
Do not grant the <literal>PROCESS</literal> or
<literal>SUPER</literal> privilege to non-administrative
users. The output of <command>mysqladmin
- processlist</command> shows the text of any statements
- currently being executed, so any user who is allowed to
- execute that command might be able to see whether another
+ processlist</command> and <literal>SHOW
+ PROCESSLIST</literal> shows the text of any statements
+ currently being executed, so any user who is allowed to see
+ the server process list might be able to see whether another
user issues a statement such as <literal>UPDATE user SET
- password=PASSWORD('<replaceable>plaintext-password</replaceable>');</literal>.
+ password=PASSWORD('not_secure')</literal>.
</para>
<para>
@@ -10184,9 +10182,9 @@
</para>
<para>
- If this is enabled, a user cannot create new users by using
- the <literal>GRANT</literal> statement unless the user has
- the <literal>INSERT</literal> privilege for the
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement unless
+ the user has the <literal>INSERT</literal> privilege for the
<literal>mysql.user</literal> table. If you want a user to
have the ability to create new users that have those
privileges that the user has right to grant, you should
@@ -10330,8 +10328,8 @@
process has read access to (assuming that a user could run
any command against the SQL server). In this environment,
the client with respect to the MySQL server actually is the
- Web server, not the program being run by the user connecting
- to the Web server.
+ Web server, not the remote program being run by the user who
+ connects to the Web server.
</para>
</listitem>
@@ -10356,11 +10354,11 @@
<listitem>
<para>
- If you build MySQL from source but do not use the
- <option>--enable-local-infile</option> option to
- <command>configure</command>, <literal>LOAD DATA
- LOCAL</literal> cannot be used by any client unless it is
- written explicitly to invoke <literal>mysql_options(...
+ If you build MySQL from source but do not invoke
+ <command>configure</command> with the
+ <option>--enable-local-infile</option> option, <literal>LOAD
+ DATA LOCAL</literal> cannot be used by any client unless it
+ is written explicitly to invoke <literal>mysql_options(...
MYSQL_OPT_LOCAL_INFILE, 0)</literal>. See
<xref linkend="mysql-options"/>.
</para>
@@ -10566,7 +10564,7 @@
<para>
MySQL has an advanced but non-standard security and privilege
- system. This section describes how it works.
+ system. The following discussion describes how it works.
</para>
<section id="what-privileges">
@@ -10589,7 +10587,7 @@
<para>
The primary function of the MySQL privilege system is to
- authenticate a user connecting from a given host, and to
+ authenticate a user who connects from a given host and to
associate that user with privileges on a database such as
<literal>SELECT</literal>, <literal>INSERT</literal>,
<literal>UPDATE</literal>, and <literal>DELETE</literal>.
Modified: trunk/refman-5.0/database-administration.xml
===================================================================
--- trunk/refman-5.0/database-administration.xml 2006-01-28 00:43:31 UTC (rev 1073)
+++ trunk/refman-5.0/database-administration.xml 2006-01-28 05:52:53 UTC (rev 1074)
@@ -1454,11 +1454,11 @@
</para>
<para>
- If this is enabled, a user can't create new users by using
- the <literal>GRANT</literal> statement, if the user
- doesn't have the <literal>INSERT</literal> privilege for
- the <literal>mysql.user</literal> table or any column in
- the table.
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement, if
+ the user doesn't have the <literal>INSERT</literal>
+ privilege for the <literal>mysql.user</literal> table or
+ any column in the table.
</para>
</listitem>
@@ -6892,13 +6892,13 @@
</para>
<para>
- The number of pages busy because they have been allocated
- for administrative overhead such as row locks or the
- adaptive hash index. This value can also be calculated as
- <literal>Innodb_buffer_pool_pages_total</literal> -
- <literal>Innodb_buffer_pool_pages_free</literal> -
- <literal>Innodb_buffer_pool_pages_data</literal>. Added in
- MySQL 5.0.2.
+ The number of pages that are busy because they have been
+ allocated for administrative overhead such as row locks or
+ the adaptive hash index. This value can also be calculated
+ as <literal>Innodb_buffer_pool_pages_total</literal>
+ − <literal>Innodb_buffer_pool_pages_free</literal>
+ − <literal>Innodb_buffer_pool_pages_data</literal>.
+ Added in MySQL 5.0.2.
</para>
</listitem>
@@ -6908,7 +6908,8 @@
</para>
<para>
- Total size of buffer pool, in pages. Added in MySQL 5.0.2.
+ The total size of buffer pool, in pages. Added in MySQL
+ 5.0.2.
</para>
</listitem>
@@ -6918,10 +6919,10 @@
</para>
<para>
- The number of <quote>random</quote> read-aheads
- <literal>InnoDB</literal> initiated. This happens when a
- query is to scan a large portion of a table but in random
- order. Added in MySQL 5.0.2.
+ The number of <quote>random</quote> read-aheads initiated
+ by <literal>InnoDB</literal>. This happens when a query
+ scans a large portion of a table but in random order.
+ Added in MySQL 5.0.2.
</para>
</listitem>
@@ -6931,8 +6932,8 @@
</para>
<para>
- The number of sequential read-aheads
- <literal>InnoDB</literal> initiated. This happens when
+ The number of sequential read-aheads initiated by
+ <literal>InnoDB</literal>. This happens when
<literal>InnoDB</literal> does a sequential full table
scan. Added in MySQL 5.0.2.
</para>
@@ -7109,8 +7110,8 @@
</para>
<para>
- The number of waits we had because log buffer was too
- small and we had to wait for it to be flushed before
+ The number of times that the log buffer was too small and
+ a wait was required for it to be flushed before
continuing. Added in MySQL 5.0.2.
</para>
</listitem>
@@ -7164,7 +7165,8 @@
</para>
<para>
- Pending log file writes. Added in MySQL 5.0.2.
+ The number of pending log file writes. Added in MySQL
+ 5.0.2.
</para>
</listitem>
@@ -7375,7 +7377,7 @@
<para>
The number of physical reads of a key block from disk. If
- <literal>Key_reads</literal> is big, then your
+ <literal>Key_reads</literal> is large, then your
<literal>key_buffer_size</literal> value is probably too
small. The cache miss rate can be calculated as
<literal>Key_reads</literal>/<literal>Key_read_requests</literal>.
@@ -7409,8 +7411,8 @@
<para>
The total cost of the last compiled query as computed by
- the query optimizer. Useful for comparing the cost of
- different query plans for the same query. The default
+ the query optimizer. This is useful for comparing the cost
+ of different query plans for the same query. The default
value of 0 means that no query has been compiled yet. This
variable was added in MySQL 5.0.1, with a default value of
-1. In MySQL 5.0.7, the default was changed to 0; also in
@@ -7497,7 +7499,7 @@
</para>
<para>
- The number of free memory blocks in query cache.
+ The number of free memory blocks in the query cache.
</para>
</listitem>
@@ -7507,7 +7509,7 @@
</para>
<para>
- The amount of free memory for query cache.
+ The amount of free memory for the query cache.
</para>
</listitem>
@@ -7517,7 +7519,7 @@
</para>
<para>
- The number of cache hits.
+ The number of query cache hits.
</para>
</listitem>
@@ -7527,7 +7529,7 @@
</para>
<para>
- The number of queries added to the cache.
+ The number of queries added to the query cache.
</para>
</listitem>
@@ -7537,8 +7539,8 @@
</para>
<para>
- The number of queries that were deleted from the cache
- because of low memory.
+ The number of queries that were deleted from the query
+ cache because of low memory.
</para>
</listitem>
@@ -7560,7 +7562,7 @@
</para>
<para>
- The number of queries registered in the cache.
+ The number of queries registered in the query cache.
</para>
</listitem>
@@ -7580,7 +7582,7 @@
</para>
<para>
- The number of statements that have been sent to the
+ The number of statements that clients have sent to the
server.
</para>
</listitem>
@@ -7630,8 +7632,8 @@
Why not? Why the comment, if it's not important?
</remark>
- It is normally not a critical issue even if this is quite
- large.
+ This is normally not a critical issue even if the value is
+ quite large.
</para>
</listitem>
@@ -7664,8 +7666,8 @@
</para>
<para>
- The number of temporary tables currently open by the slave
- SQL thread.
+ The number of temporary tables that the slave SQL thread
+ currently has open.
</para>
</listitem>
@@ -7686,9 +7688,9 @@
</para>
<para>
- Total number of times since startup that the replication
- slave SQL thread has retried transactions. This variable
- was added in version 5.0.4.
+ The total number of times since startup that the
+ replication slave SQL thread has retried transactions.
+ This variable was added in version 5.0.4.
</para>
</listitem>
@@ -7721,10 +7723,10 @@
</para>
<para>
- The number of merge passes the sort algorithm has had to
- do. If this value is large, you should consider increasing
- the value of the <literal>sort_buffer_size</literal>
- system variable.
+ The number of merge passes that the sort algorithm has had
+ to do. If this value is large, you should consider
+ increasing the value of the
+ <literal>sort_buffer_size</literal> system variable.
</para>
</listitem>
@@ -7791,7 +7793,7 @@
<para>
The number of times that a table lock could not be
acquired immediately and a wait was needed. If this is
- high, and you have performance problems, you should first
+ high and you have performance problems, you should first
optimize your queries, and then either split your table or
tables or use replication.
</para>
@@ -11544,7 +11546,7 @@
<para>
MySQL uses security based on Access Control Lists (ACLs) for all
connections, queries, and other operations that users can
- attempt to perform. There is also some support for SSL-encrypted
+ attempt to perform. There is also support for SSL-encrypted
connections between MySQL clients and servers. Many of the
concepts discussed here are not specific to MySQL at all; the
same general ideas apply to almost all applications.
@@ -11590,19 +11592,19 @@
<para>
Try <literal>mysql -u root</literal>. If you are able to
connect successfully to the server without being asked
- for a password, you have problems. Anyone can connect to
- your MySQL server as the MySQL <literal>root</literal>
- user with full privileges! Review the MySQL installation
- instructions, paying particular attention to the
- information about setting a <literal>root</literal>
- password. See <xref linkend="default-privileges"/>.
+ for a password, anyone can connect to your MySQL server
+ as the MySQL <literal>root</literal> user with full
+ privileges! Review the MySQL installation instructions,
+ paying particular attention to the information about
+ setting a <literal>root</literal> password. See
+ <xref linkend="default-privileges"/>.
</para>
</listitem>
<listitem>
<para>
- Use the <literal>SHOW GRANTS</literal> statement and
- check to see who has access to what. Then use the
+ Use the <literal>SHOW GRANTS</literal> statement to
+ check which accounts have access to what. Then use the
<literal>REVOKE</literal> statement to remove those
privileges that are not necessary.
</para>
@@ -11617,22 +11619,23 @@
your computer becomes compromised, the intruder can take the
full list of passwords and use them. Instead, use
<literal>MD5()</literal>, <literal>SHA1()</literal>, or some
- other one-way hashing function.
+ other one-way hashing function and store the hash value.
</para>
</listitem>
<listitem>
<para>
- Do not choose passwords from dictionaries. There are special
- programs to break them. Even passwords like
+ Do not choose passwords from dictionaries. Special programs
+ exist to break passwords. Even passwords like
<quote>xfish98</quote> are very bad. Much better is
<quote>duag98</quote> which contains the same word
<quote>fish</quote> but typed one key to the left on a
- standard QWERTY keyboard. Another method is to use
- <quote>Mhall</quote> which is taken from the first
- characters of each word in the sentence <quote>Mary had a
- little lamb.</quote> This is easy to remember and type, but
- difficult to guess for someone who does not know it.
+ standard QWERTY keyboard. Another method is to use a
+ password that is taken from the first characters of each
+ word in a sentence (for example, <quote>Mary had a little
+ lamb</quote> results in a password of <quote>Mhall</quote>).
+ The password is easy to remember and type, but difficult to
+ guess for someone who does not know the sentence.
</para>
</listitem>
@@ -11657,12 +11660,13 @@
untrusted hosts. Another simple way to check whether or
not your MySQL port is open is to try the following
command from some remote machine, where
- <literal>server_host</literal> is the host on which your
- MySQL server runs:
+ <replaceable>server_host</replaceable> is the hostname
+ or IP number of the host on which your MySQL server
+ runs:
</para>
<programlisting>
-shell> <userinput>telnet server_host 3306</userinput>
+shell> <userinput>telnet <replaceable>server_host</replaceable> 3306</userinput>
</programlisting>
<para>
@@ -11670,8 +11674,8 @@
port is open, and should be closed on your firewall or
router, unless you really have a good reason to keep it
open. If <literal>telnet</literal> hangs or the
- connection is refused, then the port is blocked, which
- is how you want it to be.
+ connection is refused, the port is blocked, which is how
+ you want it to be.
</para>
</listitem>
@@ -11685,7 +11689,7 @@
escaped character sequences in Web forms, URLs, or whatever
application you have built. Be sure that your application
remains secure if a user enters something like
- <quote><literal>; DROP DATABASE mysql;</literal>.</quote>
+ <quote><literal>; DROP DATABASE mysql;</literal></quote>.
This is an extreme example, but large security leaks and
data loss might occur as a result of hackers using similar
techniques, if you do not prepare for them.
@@ -11834,6 +11838,12 @@
<listitem>
<para>
+ Ruby DBI: Use placeholders.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Java JDBC: Use a <literal>PreparedStatement</literal>
object and placeholders.
</para>
@@ -11854,8 +11864,9 @@
and ability to intercept it and use it for their own
purposes. Instead, use an encrypted protocol such as SSL or
SSH. MySQL supports internal SSL connections as of version
- 4.0.0. SSH port-forwarding can be used to create an
- encrypted (and compressed) tunnel for the communication.
+ 4.0. Another technique is to use SSH port-forwarding to
+ create an encrypted (and compressed) tunnel for the
+ communication.
</para>
</listitem>
@@ -11904,33 +11915,29 @@
connection. Password handling during the client connection
sequence was upgraded in MySQL 4.1.1 to be very secure. If you
are still using pre-4.1.1-style passwords, the encryption
- algorithm is not as strong as the newer algorithm; with some
- effort a clever attacker who can sniff the traffic between the
+ algorithm is not as strong as the newer algorithmm With some
+ effort, a clever attacker who can sniff the traffic between the
client and the server can crack the password. (See
<xref linkend="password-hashing"/>, for a discussion of the
- different password handling methods.) If the connection between
- the client and the server goes through an untrusted network, you
- should use an SSH tunnel to encrypt the communication.
+ different password handling methods.)
</para>
<para>
All other information is transferred as text, and can be read by
- anyone who is able to watch the connection. If you are concerned
- about this, you can use the compressed protocol to make traffic
- much more difficult to decipher. To make the connection even
- more secure, you should use SSH to get an encrypted TCP/IP
- connection between a MySQL server and a MySQL client. You can
- find an Open Source SSH client at
+ anyone who is able to watch the connection. If the connection
+ between the client and the server goes through an untrusted
+ network, and you are concerned about this, you can use the
+ compressed protocol to make traffic much more difficult to
+ decipher. You can also use MySQL's internal SSL support to make
+ the connection even more secure. See
+ <xref linkend="secure-connections"/>. Alternatively, use SSH to
+ get an encrypted TCP/IP connection between a MySQL server and a
+ MySQL client. You can find an Open Source SSH client at
<ulink url="http://www.openssh.org/"/>, and a commercial SSH
client at <ulink url="http://www.ssh.com/"/>.
</para>
<para>
- You can also use MySQL's internal OpenSSL support. See
- <xref linkend="secure-connections"/>.
- </para>
-
- <para>
To make a MySQL system secure, you should strongly consider the
following suggestions:
</para>
@@ -11939,34 +11946,23 @@
<listitem>
<para>
- Use passwords for all MySQL users. A client program does not
- necessarily know the identity of the person running it. It
- is common for client/server applications that the user can
- specify any username to the client program. For example,
- anyone can use the <command>mysql</command> program to
- connect as any other person simply by invoking it as
+ Require all MySQL accounts to have a password. A client
+ program does not necessarily know the identity of the person
+ running it. It is common for client/server applications that
+ the user can specify any username to the client program. For
+ example, anyone can use the <command>mysql</command> program
+ to connect as any other person simply by invoking it as
<literal>mysql -u <replaceable>other_user</replaceable>
<replaceable>db_name</replaceable></literal> if
<replaceable>other_user</replaceable> has no password. If
- all users have a password, connecting using another user's
+ all account have a password, connecting using another user's
account becomes much more difficult.
</para>
<para>
- To change the password for a user, use the <literal>SET
- PASSWORD</literal> statement. It is also possible to update
- the <literal>user</literal> table in the
- <literal>mysql</literal> database directly. For example, to
- change the password of all MySQL accounts that have a
- username of <literal>root</literal>, do this:
+ For a discussion of methods for setting passwords, see
+ <xref linkend="passwords"/>.
</para>
-
-<programlisting>
-shell> <userinput>mysql -u root</userinput>
-mysql> <userinput>UPDATE mysql.user SET Password=PASSWORD('<replaceable>newpwd</replaceable>')</userinput>
- -> <userinput>WHERE User='root';</userinput>
-mysql> <userinput>FLUSH PRIVILEGES;</userinput>
-</programlisting>
</listitem>
<listitem>
@@ -11974,8 +11970,9 @@
Never run the MySQL server as the Unix
<literal>root</literal> user. This is extremely dangerous,
because any user with the <literal>FILE</literal> privilege
- is able to create files as <literal>root</literal> (for
- example, <literal>~root/.bashrc</literal>). To prevent this,
+ is able to cause the server to create files as
+ <literal>root</literal> (for example,
+ <literal>~root/.bashrc</literal>). To prevent this,
<command>mysqld</command> refuses to run as
<literal>root</literal> unless that is specified explicitly
using the <option>--user=root</option> option.
@@ -11988,11 +11985,10 @@
everything even more secure. Use this account only for
administering MySQL. To start <command>mysqld</command> as a
different Unix user, add a <literal>user</literal> option
- that specifies the username to the
+ that specifies the username in the
<literal>[mysqld]</literal> group of the
- <filename>/etc/my.cnf</filename> option file or the
- <filename>my.cnf</filename> option file in the server's data
- directory. For example:
+ <filename>my.cnf</filename> option file where you specify
+ server options. For example:
</para>
<programlisting>
@@ -12019,12 +12015,13 @@
<listitem>
<para>
- Don't allow the use of symlinks to tables. (This can be
- disabled with the <option>--skip-symbolic-links</option>
- option.) This is especially important if you run
- <command>mysqld</command> as <literal>root</literal>,
- because anyone that has write access to the server's data
- directory then could delete any file in the system! See
+ Do not allow the use of symlinks to tables. (This capability
+ can be disabled with the
+ <option>--skip-symbolic-links</option> option.) This is
+ especially important if you run <command>mysqld</command> as
+ <literal>root</literal>, because anyone that has write
+ access to the server's data directory then could delete any
+ file in the system! See
<xref linkend="symbolic-links-to-tables"/>.
</para>
</listitem>
@@ -12039,14 +12036,15 @@
<listitem>
<para>
- Don't grant the <literal>PROCESS</literal> or
+ Do not grant the <literal>PROCESS</literal> or
<literal>SUPER</literal> privilege to non-administrative
users. The output of <command>mysqladmin
- processlist</command> shows the text of any statements
- currently being executed, so any user who is allowed to
- execute to run that command might be able to see whether
- another user issues a statement such as <literal>UPDATE user
- SET password=PASSWORD('not_secure')</literal>.
+ processlist</command> and <literal>SHOW
+ PROCESSLIST</literal> shows the text of any statements
+ currently being executed, so any user who is allowed to see
+ the server process list might be able to see whether another
+ user issues a statement such as <literal>UPDATE user SET
+ password=PASSWORD('not_secure')</literal>.
</para>
<para>
@@ -12067,7 +12065,7 @@
<listitem>
<para>
- Don't grant the <literal>FILE</literal> privilege to
+ Do not grant the <literal>FILE</literal> privilege to
non-administrative users. Any user that has this privilege
can write a file anywhere in the filesystem with the
privileges of the <command>mysqld</command> daemon! To make
@@ -12198,9 +12196,9 @@
</para>
<para>
- If this is enabled, a user cannot create new users by using
- the <literal>GRANT</literal> statement unless the user has
- the <literal>INSERT</literal> privilege for the
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement unless
+ the user has the <literal>INSERT</literal> privilege for the
<literal>mysql.user</literal> table. If you want a user to
have the ability to create new users that have those
privileges that the user has right to grant, you should
@@ -12274,7 +12272,7 @@
</para>
<para>
- Don't allow TCP/IP connections over the network. All
+ Do not allow TCP/IP connections over the network. All
connections to <command>mysqld</command> must be made via
Unix socket files.
</para>
@@ -12341,8 +12339,8 @@
process has read access to (assuming that a user could run
any command against the SQL server). In this environment,
the client with respect to the MySQL server actually is the
- Web server, not the program being run by the user connecting
- to the Web server.
+ Web server, not the remote program being run by the user who
+ connects to the Web server.
</para>
</listitem>
@@ -12367,11 +12365,11 @@
<listitem>
<para>
- If you build MySQL from source but don't use the
- <option>--enable-local-infile</option> option to
- <command>configure</command>, <literal>LOAD DATA
- LOCAL</literal> cannot be used by any client unless it is
- written explicitly to invoke <literal>mysql_options(...
+ If you build MySQL from source but do not invoke
+ <command>configure</command> with the
+ <option>--enable-local-infile</option> option, <literal>LOAD
+ DATA LOCAL</literal> cannot be used by any client unless it
+ is written explicitly to invoke <literal>mysql_options(...
MYSQL_OPT_LOCAL_INFILE, 0)</literal>. See
<xref linkend="mysql-options"/>.
</para>
@@ -12570,7 +12568,7 @@
<para>
MySQL has an advanced but non-standard security and privilege
- system. This section describes how it works.
+ system. The following discussion describes how it works.
</para>
<section id="what-privileges">
@@ -12593,7 +12591,7 @@
<para>
The primary function of the MySQL privilege system is to
- authenticate a user connecting from a given host, and to
+ authenticate a user who connects from a given host and to
associate that user with privileges on a database such as
<literal>SELECT</literal>, <literal>INSERT</literal>,
<literal>UPDATE</literal>, and <literal>DELETE</literal>.
Modified: trunk/refman-5.1/database-administration.xml
===================================================================
--- trunk/refman-5.1/database-administration.xml 2006-01-28 00:43:31 UTC (rev 1073)
+++ trunk/refman-5.1/database-administration.xml 2006-01-28 05:52:53 UTC (rev 1074)
@@ -1451,11 +1451,11 @@
</para>
<para>
- If this is enabled, a user can't create new users by using
- the <literal>GRANT</literal> statement, if the user
- doesn't have the <literal>INSERT</literal> privilege for
- the <literal>mysql.user</literal> table or any column in
- the table.
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement, if
+ the user doesn't have the <literal>INSERT</literal>
+ privilege for the <literal>mysql.user</literal> table or
+ any column in the table.
</para>
</listitem>
@@ -6976,12 +6976,12 @@
</para>
<para>
- The number of pages busy because they have been allocated
- for administrative overhead such as row locks or the
- adaptive hash index. This value can also be calculated as
- <literal>Innodb_buffer_pool_pages_total</literal> -
- <literal>Innodb_buffer_pool_pages_free</literal> -
- <literal>Innodb_buffer_pool_pages_data</literal>.
+ The number of pages that are busy because they have been
+ allocated for administrative overhead such as row locks or
+ the adaptive hash index. This value can also be calculated
+ as <literal>Innodb_buffer_pool_pages_total</literal>
+ − <literal>Innodb_buffer_pool_pages_free</literal>
+ − <literal>Innodb_buffer_pool_pages_data</literal>.
</para>
</listitem>
@@ -6991,7 +6991,7 @@
</para>
<para>
- Total size of buffer pool, in pages.
+ The total size of the buffer pool, in pages.
</para>
</listitem>
@@ -7001,10 +7001,9 @@
</para>
<para>
- The number of <quote>random</quote> read-aheads
- <literal>InnoDB</literal> initiated. This happens when a
- query is to scan a large portion of a table but in random
- order.
+ The number of <quote>random</quote> read-aheads initiated
+ by <literal>InnoDB</literal>. This happens when a query
+ scans a large portion of a table but in random order.
</para>
</listitem>
@@ -7014,8 +7013,8 @@
</para>
<para>
- The number of sequential read-aheads
- <literal>InnoDB</literal> initiated. This happens when
+ The number of sequential read-aheads initiated by
+ <literal>InnoDB</literal>. This happens when
<literal>InnoDB</literal> does a sequential full table
scan.
</para>
@@ -7188,8 +7187,8 @@
</para>
<para>
- The number of waits we had because log buffer was too
- small and we had to wait for it to be flushed before
+ The number of times that the log buffer was too small and
+ a wait was required for it to be flushed before
continuing.
</para>
</listitem>
@@ -7242,7 +7241,7 @@
</para>
<para>
- Pending log file writes.
+ The number of pending log file writes.
</para>
</listitem>
@@ -7447,7 +7446,7 @@
<para>
The number of physical reads of a key block from disk. If
- <literal>Key_reads</literal> is big, then your
+ <literal>Key_reads</literal> is large, then your
<literal>key_buffer_size</literal> value is probably too
small. The cache miss rate can be calculated as
<literal>Key_reads</literal>/<literal>Key_read_requests</literal>.
@@ -7481,8 +7480,8 @@
<para>
The total cost of the last compiled query as computed by
- the query optimizer. Useful for comparing the cost of
- different query plans for the same query. The default
+ the query optimizer. This is useful for comparing the cost
+ of different query plans for the same query. The default
value of 0 means that no query has been compiled yet. The
default value is 0. <literal>Last_query_cost</literal> has
session scope.
@@ -7561,7 +7560,7 @@
</para>
<para>
- The number of free memory blocks in query cache.
+ The number of free memory blocks in the query cache.
</para>
</listitem>
@@ -7571,7 +7570,7 @@
</para>
<para>
- The amount of free memory for query cache.
+ The amount of free memory for the query cache.
</para>
</listitem>
@@ -7581,7 +7580,7 @@
</para>
<para>
- The number of cache hits.
+ The number of query cache hits.
</para>
</listitem>
@@ -7591,7 +7590,7 @@
</para>
<para>
- The number of queries added to the cache.
+ The number of queries added to the query cache.
</para>
</listitem>
@@ -7601,8 +7600,8 @@
</para>
<para>
- The number of queries that were deleted from the cache
- because of low memory.
+ The number of queries that were deleted from the query
+ cache because of low memory.
</para>
</listitem>
@@ -7624,7 +7623,7 @@
</para>
<para>
- The number of queries registered in the cache.
+ The number of queries registered in the query cache.
</para>
</listitem>
@@ -7644,7 +7643,7 @@
</para>
<para>
- The number of statements that have been sent to the
+ The number of statements that clients have sent to the
server.
</para>
</listitem>
@@ -7694,8 +7693,8 @@
Why not? Why the comment, if it's not important?
</remark>
- It is normally not a critical issue even if this is quite
- large.
+ This is normally not a critical issue even if the value is
+ quite large.
</para>
</listitem>
@@ -7728,8 +7727,8 @@
</para>
<para>
- The number of temporary tables currently open by the slave
- SQL thread.
+ The number of temporary tables that the slave SQL thread
+ currently has open.
</para>
</listitem>
@@ -7750,8 +7749,8 @@
</para>
<para>
- Total number of times since startup that the replication
- slave SQL thread has retried transactions.
+ The total number of times since startup that the
+ replication slave SQL thread has retried transactions.
</para>
</listitem>
@@ -7784,10 +7783,10 @@
</para>
<para>
- The number of merge passes the sort algorithm has had to
- do. If this value is large, you should consider increasing
- the value of the <literal>sort_buffer_size</literal>
- system variable.
+ The number of merge passes that the sort algorithm has had
+ to do. If this value is large, you should consider
+ increasing the value of the
+ <literal>sort_buffer_size</literal> system variable.
</para>
</listitem>
@@ -7854,7 +7853,7 @@
<para>
The number of times that a table lock could not be
acquired immediately and a wait was needed. If this is
- high, and you have performance problems, you should first
+ high and you have performance problems, you should first
optimize your queries, and then either split your table or
tables or use replication.
</para>
@@ -11589,7 +11588,7 @@
<para>
MySQL uses security based on Access Control Lists (ACLs) for all
connections, queries, and other operations that users can
- attempt to perform. There is also some support for SSL-encrypted
+ attempt to perform. There is also support for SSL-encrypted
connections between MySQL clients and servers. Many of the
concepts discussed here are not specific to MySQL at all; the
same general ideas apply to almost all applications.
@@ -11635,19 +11634,19 @@
<para>
Try <literal>mysql -u root</literal>. If you are able to
connect successfully to the server without being asked
- for a password, you have problems. Anyone can connect to
- your MySQL server as the MySQL <literal>root</literal>
- user with full privileges! Review the MySQL installation
- instructions, paying particular attention to the
- information about setting a <literal>root</literal>
- password. See <xref linkend="default-privileges"/>.
+ for a password, anyone can connect to your MySQL server
+ as the MySQL <literal>root</literal> user with full
+ privileges! Review the MySQL installation instructions,
+ paying particular attention to the information about
+ setting a <literal>root</literal> password. See
+ <xref linkend="default-privileges"/>.
</para>
</listitem>
<listitem>
<para>
- Use the <literal>SHOW GRANTS</literal> statement and
- check to see who has access to what. Then use the
+ Use the <literal>SHOW GRANTS</literal> statement to
+ check which accounts have access to what. Then use the
<literal>REVOKE</literal> statement to remove those
privileges that are not necessary.
</para>
@@ -11662,22 +11661,23 @@
your computer becomes compromised, the intruder can take the
full list of passwords and use them. Instead, use
<literal>MD5()</literal>, <literal>SHA1()</literal>, or some
- other one-way hashing function.
+ other one-way hashing function and store the hash value.
</para>
</listitem>
<listitem>
<para>
- Do not choose passwords from dictionaries. There are special
- programs to break them. Even passwords like
+ Do not choose passwords from dictionaries. Special programs
+ exist to break passwords. Even passwords like
<quote>xfish98</quote> are very bad. Much better is
<quote>duag98</quote> which contains the same word
<quote>fish</quote> but typed one key to the left on a
- standard QWERTY keyboard. Another method is to use
- <quote>Mhall</quote> which is taken from the first
- characters of each word in the sentence <quote>Mary had a
- little lamb.</quote> This is easy to remember and type, but
- difficult to guess for someone who does not know it.
+ standard QWERTY keyboard. Another method is to use a
+ password that is taken from the first characters of each
+ word in a sentence (for example, <quote>Mary had a little
+ lamb</quote> results in a password of <quote>Mhall</quote>).
+ The password is easy to remember and type, but difficult to
+ guess for someone who does not know the sentence.
</para>
</listitem>
@@ -11702,12 +11702,13 @@
untrusted hosts. Another simple way to check whether or
not your MySQL port is open is to try the following
command from some remote machine, where
- <literal>server_host</literal> is the host on which your
- MySQL server runs:
+ <replaceable>server_host</replaceable> is the hostname
+ or IP number of the host on which your MySQL server
+ runs:
</para>
<programlisting>
-shell> <userinput>telnet server_host 3306</userinput>
+shell> <userinput>telnet <replaceable>server_host</replaceable> 3306</userinput>
</programlisting>
<para>
@@ -11715,8 +11716,8 @@
port is open, and should be closed on your firewall or
router, unless you really have a good reason to keep it
open. If <literal>telnet</literal> hangs or the
- connection is refused, then the port is blocked, which
- is how you want it to be.
+ connection is refused, the port is blocked, which is how
+ you want it to be.
</para>
</listitem>
@@ -11730,7 +11731,7 @@
escaped character sequences in Web forms, URLs, or whatever
application you have built. Be sure that your application
remains secure if a user enters something like
- <quote><literal>; DROP DATABASE mysql;</literal>.</quote>
+ <quote><literal>; DROP DATABASE mysql;</literal></quote>.
This is an extreme example, but large security leaks and
data loss might occur as a result of hackers using similar
techniques, if you do not prepare for them.
@@ -11879,6 +11880,12 @@
<listitem>
<para>
+ Ruby DBI: Use placeholders.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
Java JDBC: Use a <literal>PreparedStatement</literal>
object and placeholders.
</para>
@@ -11899,8 +11906,9 @@
and ability to intercept it and use it for their own
purposes. Instead, use an encrypted protocol such as SSL or
SSH. MySQL supports internal SSL connections as of version
- 4.0.0. SSH port-forwarding can be used to create an
- encrypted (and compressed) tunnel for the communication.
+ 4.0. Another technique is to use SSH port-forwarding to
+ create an encrypted (and compressed) tunnel for the
+ communication.
</para>
</listitem>
@@ -11949,33 +11957,29 @@
connection. Password handling during the client connection
sequence was upgraded in MySQL 4.1.1 to be very secure. If you
are still using pre-4.1.1-style passwords, the encryption
- algorithm is not as strong as the newer algorithm; with some
- effort a clever attacker who can sniff the traffic between the
+ algorithm is not as strong as the newer algorithmm With some
+ effort, a clever attacker who can sniff the traffic between the
client and the server can crack the password. (See
<xref linkend="password-hashing"/>, for a discussion of the
- different password handling methods.) If the connection between
- the client and the server goes through an untrusted network, you
- should use an SSH tunnel to encrypt the communication.
+ different password handling methods.)
</para>
<para>
All other information is transferred as text, and can be read by
- anyone who is able to watch the connection. If you are concerned
- about this, you can use the compressed protocol to make traffic
- much more difficult to decipher. To make the connection even
- more secure, you should use SSH to get an encrypted TCP/IP
- connection between a MySQL server and a MySQL client. You can
- find an Open Source SSH client at
+ anyone who is able to watch the connection. If the connection
+ between the client and the server goes through an untrusted
+ network, and you are concerned about this, you can use the
+ compressed protocol to make traffic much more difficult to
+ decipher. You can also use MySQL's internal SSL support to make
+ the connection even more secure. See
+ <xref linkend="secure-connections"/>. Alternatively, use SSH to
+ get an encrypted TCP/IP connection between a MySQL server and a
+ MySQL client. You can find an Open Source SSH client at
<ulink url="http://www.openssh.org/"/>, and a commercial SSH
client at <ulink url="http://www.ssh.com/"/>.
</para>
<para>
- You can also use MySQL's internal OpenSSL support. See
- <xref linkend="secure-connections"/>.
- </para>
-
- <para>
To make a MySQL system secure, you should strongly consider the
following suggestions:
</para>
@@ -11984,34 +11988,23 @@
<listitem>
<para>
- Use passwords for all MySQL users. A client program does not
- necessarily know the identity of the person running it. It
- is common for client/server applications that the user can
- specify any username to the client program. For example,
- anyone can use the <command>mysql</command> program to
- connect as any other person simply by invoking it as
+ Require all MySQL accounts to have a password. A client
+ program does not necessarily know the identity of the person
+ running it. It is common for client/server applications that
+ the user can specify any username to the client program. For
+ example, anyone can use the <command>mysql</command> program
+ to connect as any other person simply by invoking it as
<literal>mysql -u <replaceable>other_user</replaceable>
<replaceable>db_name</replaceable></literal> if
<replaceable>other_user</replaceable> has no password. If
- all users have a password, connecting using another user's
+ all account have a password, connecting using another user's
account becomes much more difficult.
</para>
<para>
- To change the password for a user, use the <literal>SET
- PASSWORD</literal> statement. It is also possible to update
- the <literal>user</literal> table in the
- <literal>mysql</literal> database directly. For example, to
- change the password of all MySQL accounts that have a
- username of <literal>root</literal>, do this:
+ For a discussion of methods for setting passwords, see
+ <xref linkend="passwords"/>.
</para>
-
-<programlisting>
-shell> <userinput>mysql -u root</userinput>
-mysql> <userinput>UPDATE mysql.user SET Password=PASSWORD('<replaceable>newpwd</replaceable>')</userinput>
- -> <userinput>WHERE User='root';</userinput>
-mysql> <userinput>FLUSH PRIVILEGES;</userinput>
-</programlisting>
</listitem>
<listitem>
@@ -12019,8 +12012,9 @@
Never run the MySQL server as the Unix
<literal>root</literal> user. This is extremely dangerous,
because any user with the <literal>FILE</literal> privilege
- is able to create files as <literal>root</literal> (for
- example, <literal>~root/.bashrc</literal>). To prevent this,
+ is able to cause the server to create files as
+ <literal>root</literal> (for example,
+ <literal>~root/.bashrc</literal>). To prevent this,
<command>mysqld</command> refuses to run as
<literal>root</literal> unless that is specified explicitly
using the <option>--user=root</option> option.
@@ -12033,11 +12027,10 @@
everything even more secure. Use this account only for
administering MySQL. To start <command>mysqld</command> as a
different Unix user, add a <literal>user</literal> option
- that specifies the username to the
+ that specifies the username in the
<literal>[mysqld]</literal> group of the
- <filename>/etc/my.cnf</filename> option file or the
- <filename>my.cnf</filename> option file in the server's data
- directory. For example:
+ <filename>my.cnf</filename> option file where you specify
+ server options. For example:
</para>
<programlisting>
@@ -12064,12 +12057,13 @@
<listitem>
<para>
- Don't allow the use of symlinks to tables. (This can be
- disabled with the <option>--skip-symbolic-links</option>
- option.) This is especially important if you run
- <command>mysqld</command> as <literal>root</literal>,
- because anyone that has write access to the server's data
- directory then could delete any file in the system! See
+ Do not allow the use of symlinks to tables. (This capability
+ can be disabled with the
+ <option>--skip-symbolic-links</option> option.) This is
+ especially important if you run <command>mysqld</command> as
+ <literal>root</literal>, because anyone that has write
+ access to the server's data directory then could delete any
+ file in the system! See
<xref linkend="symbolic-links-to-tables"/>.
</para>
</listitem>
@@ -12084,14 +12078,15 @@
<listitem>
<para>
- Don't grant the <literal>PROCESS</literal> or
+ Do not grant the <literal>PROCESS</literal> or
<literal>SUPER</literal> privilege to non-administrative
users. The output of <command>mysqladmin
- processlist</command> shows the text of any statements
- currently being executed, so any user who is allowed to
- execute to run that command might be able to see whether
- another user issues a statement such as <literal>UPDATE user
- SET password=PASSWORD('not_secure')</literal>.
+ processlist</command> and <literal>SHOW
+ PROCESSLIST</literal> shows the text of any statements
+ currently being executed, so any user who is allowed to see
+ the server process list might be able to see whether another
+ user issues a statement such as <literal>UPDATE user SET
+ password=PASSWORD('not_secure')</literal>.
</para>
<para>
@@ -12112,7 +12107,7 @@
<listitem>
<para>
- Don't grant the <literal>FILE</literal> privilege to
+ Do not grant the <literal>FILE</literal> privilege to
non-administrative users. Any user that has this privilege
can write a file anywhere in the filesystem with the
privileges of the <command>mysqld</command> daemon! To make
@@ -12242,9 +12237,9 @@
</para>
<para>
- If this is enabled, a user cannot create new users by using
- the <literal>GRANT</literal> statement unless the user has
- the <literal>INSERT</literal> privilege for the
+ If this option is enabled, a user cannot create new MySQL
+ users by using the <literal>GRANT</literal> statement unless
+ the user has the <literal>INSERT</literal> privilege for the
<literal>mysql.user</literal> table. If you want a user to
have the ability to create new users that have those
privileges that the user has right to grant, you should
@@ -12318,7 +12313,7 @@
</para>
<para>
- Don't allow TCP/IP connections over the network. All
+ Do not allow TCP/IP connections over the network. All
connections to <command>mysqld</command> must be made via
Unix socket files.
</para>
@@ -12385,8 +12380,8 @@
process has read access to (assuming that a user could run
any command against the SQL server). In this environment,
the client with respect to the MySQL server actually is the
- Web server, not the program being run by the user connecting
- to the Web server.
+ Web server, not the remote program being run by the user who
+ connects to the Web server.
</para>
</listitem>
@@ -12411,11 +12406,11 @@
<listitem>
<para>
- If you build MySQL from source but don't use the
- <option>--enable-local-infile</option> option to
- <command>configure</command>, <literal>LOAD DATA
- LOCAL</literal> cannot be used by any client unless it is
- written explicitly to invoke <literal>mysql_options(...
+ If you build MySQL from source but do not invoke
+ <command>configure</command> with the
+ <option>--enable-local-infile</option> option, <literal>LOAD
+ DATA LOCAL</literal> cannot be used by any client unless it
+ is written explicitly to invoke <literal>mysql_options(...
MYSQL_OPT_LOCAL_INFILE, 0)</literal>. See
<xref linkend="mysql-options"/>.
</para>
@@ -12614,7 +12609,7 @@
<para>
MySQL has an advanced but non-standard security and privilege
- system. This section describes how it works.
+ system. The following discussion describes how it works.
</para>
<section id="what-privileges">
@@ -12637,7 +12632,7 @@
<para>
The primary function of the MySQL privilege system is to
- authenticate a user connecting from a given host, and to
+ authenticate a user who connects from a given host and to
associate that user with privileges on a database such as
<literal>SELECT</literal>, <literal>INSERT</literal>,
<literal>UPDATE</literal>, and <literal>DELETE</literal>.
| Thread |
|---|
| • svn commit - mysqldoc@docsrva: r1074 - in trunk: . refman-4.1 refman-5.0 refman-5.1 | paul | 28 Jan |
