Chapter 6 Security

Table of Contents

6.1 General Security Issues
6.1.1 Security Guidelines
6.1.2 Keeping Passwords Secure
6.1.3 Making MySQL Secure Against Attackers
6.1.4 Security-Related mysqld Options and Variables
6.1.5 How to Run MySQL as a Normal User
6.1.6 Security Issues with LOAD DATA LOCAL
6.1.7 Client Programming Security Guidelines
6.2 The MySQL Access Privilege System
6.2.1 Privileges Provided by MySQL
6.2.2 Privilege System Grant Tables
6.2.3 Specifying Account Names
6.2.4 Access Control, Stage 1: Connection Verification
6.2.5 Access Control, Stage 2: Request Verification
6.2.6 When Privilege Changes Take Effect
6.2.7 Troubleshooting Problems Connecting to MySQL
6.3 MySQL User Account Management
6.3.1 User Names and Passwords
6.3.2 Adding User Accounts
6.3.3 Removing User Accounts
6.3.4 Setting Account Resource Limits
6.3.5 Assigning Account Passwords
6.3.6 Password Expiration and Sandbox Mode
6.3.7 Pluggable Authentication
6.3.8 Authentication Plugins Available in MySQL
6.3.9 Proxy Users
6.3.10 Using Secure Connections
6.3.11 Creating SSL and RSA Certificates and Keys
6.3.12 Connecting to MySQL Remotely from Windows with SSH
6.3.13 MySQL Enterprise Audit Log Plugin
6.3.14 SQL-Based MySQL Account Activity Auditing
6.3.15 MySQL Enterprise Firewall

When thinking about security within a MySQL installation, you should consider a wide range of possible topics and how they affect the security of your MySQL server and related applications: