List:MySQL on Win32« Previous MessageNext Message »
From:Jonathan G. Lampe Date:August 4 2004 1:45pm
Subject:RE: Security question
View as plain text  
I know I probably sound like a broken record on this issue, but if and/or 
when MySQL supports running under a single WinNT usercode, the built-in 
Windows per-user file encryption will probably help protect against this 
kind of thing.  You're correct in saying that this is one the easiest ways 
to crack MySQL wide open (on any platform).

-jgl

At 08:39 PM 8/3/2004, Armando wrote:
>In addition to Kevin's comments, make sure no one has physical access to
>your server either, else security is a moot point. It's the same thing
>as having a house that's alarmed and monitored up the wazoo, yet you
>still leave the key under the doormat and the alarm code on a post-it
>note on the wall :-)
>
>Armando
>
>-----Original Message-----
>From: PF: MySQL [mailto:ml.mysql@stripped]
>Sent: August 3, 2004 9:40 AM
>To: win32@stripped
>Subject: RE: Security question
>
>
> > Whats to stop me from copying over my own 'mysql' data folder over an
> > existing one?
> >
> > I have already done this today and it allows me to access any
> > databases
> > sitting on the server with root access...
> >
> > How can I prevent something like this from happening?
>
>
>Depends on the OS that you are using.
>
>Windows 9x, you can't stop it.
>
>Windows XP Home, you can't stop it.
>
>Windows nt/2000/XP Pro, you can set user permissions to prevent such
>things from happening.
>
>MySQL is only as secure (locally) as the operating system you are
>running it on.
>
>-Kevin
>
>--
>MySQL Windows Mailing List
>For list archives: http://lists.mysql.com/win32
>To unsubscribe:    http://lists.mysql.com/win32?unsub=1
>
>
>--
>MySQL Windows Mailing List
>For list archives: http://lists.mysql.com/win32
>To unsubscribe:    http://lists.mysql.com/win32?unsub=1

- Jonathan Lampe
- jonathan.lampe@stripped

Thread
Security questionGreg Quinn3 Aug
RE: Security questionPF: MySQL3 Aug
  • RE: Security questionArmando4 Aug
    • RE: Security questionJonathan G. Lampe4 Aug