From: Paul DuBois Date: February 5 2002 4:29pm Subject: Re: Jailed MySQL for hosting customers List-Archive: http://lists.mysql.com/internals/2780 Message-Id: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" ; format="flowed" > > 3) What about preventing user from seeing other users data? >> Answer is not so easy like it seems to be. > >I thought my idea would solve that problem. Only the mysql user has access >to the databases, and users only have access to their databases when they >authenticate. Their databases would be in their directory. Sort of a >chroot or jail for the databases. > >> Running mysqld for every user is not an option at all. For 3-5 users >> maybe it is possible, maybe you can run up to 8 mysqld, but regular >> hosting server can have hundreds of users. > >I agree. This is the problem. > >> So using 1 mysqld with several user DB means mysqld has access to all >> this DB. Currently this means you never want to give users File_priv and >> you lose functionality. - No LOAD DATA INFILE...., no SELECT INTO >> OUTFILE ... >> The problem is that User with File_Priv can read any file on server >> readable by mysqld !! > >Right. This isn't really a MySQL-specific problem. For example, if multiple virtual domains are supported by the same Apache process, and each domain has a user who can install cgi-bin scripts, those scripts all run with the uid/gid of the Apache server. Any given user can write a script to access any file that any other user's scripts use. ISPs don't like to advertise this, but it's true. suEXEC offers some relief, but that's expensive.