Security Issues with MySQL ROOT Access
Security Issues with MySQL ROOT Access MySQL offers simple but very effective security mechanisms. Unfortunately, the default installation of MySQL, and in particular the empty root password and the potential vulnerability to buffer overflow attacks, makes the database an easy target for attacks. In order to achieve the highest possible level of security, the installation and configuration of MySQL should be performed in accordance with the following security requirements: * MySQL processes must run under a unique UID/GID that is not used by any other system process. * Only local access to MySQL need to be allowed.(some exceptions for jobs/backups) * MySQL root's account must be protected by a complex/hard to guess password. * The administrator's account (root) need to be renamed. * Anonymous access to the database (by using the nobody account) must be disabled. MySQL Security risks can be categorized into the following. * Filesystem security risks. MySQL Install