Page 17 - Open Soource Technologies 304.indd
P. 17
Open Source Technologies
Notes # ps auxw|grep My SQLd
My SQL 153 0.0 0.6 12068 2624 ? S Nov16 0:00 /usr/local/bin/My SQL/bin/My SQLd
—defaults-extra-file=/usr/local/bin/My SQL/data/my.cnf
—basedir=/usr/local/bin/My SQL—datadir=/usr/local/bin/My SQL/data
—user=My SQL—pid-file=/usr/local/bin/My SQL/data/mike.pid—skip-locking
The following output shows My SQL running as the root user (see the first entry on the second
line):
# ps auxw|grep My SQLd
root 21107 0.0 1.1 11176 1444 ? S Nov 27 0:00 /usr/local/My SQL/bin/My SQLd
—basedir=/usr/local/My SQL —datadir=/usr/local/My SQL/data —skip-locking
If you see that My SQL is running as root on your system, immediately contact your Internet
service provider and complain. If you are the server administrator, you should start the My SQL
process as a non-root user or specify the username in the startup command line:
My SQLd —user=non_root_user_name
For example, if you want to run My SQL as user My SQL, use
My SQLd —user=My SQL
However, the recommended method for starting My SQL is through the safe_My SQLd startup
script in the bin directory of your My SQL installation:
# /usr/local/bin/My SQL/bin/safe_My SQLd &
1.3.2 Securing Your My SQL Connection
You can connect to the My SQL monitor or other My SQL applications in several different ways,
each of which has its own security risks. If your My SQL installation is on your own workstation,
you have less to worry about than users who have to use a network connection to reach their server.
If My SQL is installed on your workstation, your biggest security concern is leaving your
workstation unattended with your My SQL monitor or My SQL GUI administration tool up and
running. In this type of situation, anyone can walk over and delete data, insert bogus data, or
shut down the server. Utilize a screen saver or lock screen mechanism with a password if you
must leave your workstation unattended in a public area.
If My SQL is installed on a server outside your network, the security of the connection should
be of some concern. As with any transmission of data over the Internet, it can be intercepted. If
the transmission is unencrypted, the person who intercepted it can piece it together and use the
information. Suppose the unencrypted transmission is your My SQL login informationa rogue
individual now has access to your database, masquerading as you.
One way to prevent this from happening is to connect to My SQL through a secure connection.
Instead of using Telnet to reach the remote machine, use SSH. SSH looks and acts like Telnet,
but all transmissions to and from the remote machine are encrypted. Similarly, if you use a
Web-based administration interface, such as phpMyAdmin (see http:/phpmyadmin.sourceforge.
net for more information) or another tool used by your Internet service provider, access that
tool over a secure HTTP connection.
Write down all the steps to install My SQL in your system.
12 LOVELY PROFESSIONAL UNIVERSITY
