hi every one I am A new Bee to php mysql and i was surfing through the net to learn about how to secure the mysql when you are working in a web environment while working with php html and javascript i came through this article
http://articles.techre public.com.com/5100-6350_11-5287638.html
and before i proceede i must tell you that iam using win xp professional sp2
where were given two main and very first step before you start making your program or start using your database
the first stepDefine your Users was alright i got that and did it but when i reached
the second step Confine your users i was confused to how to run my database in chrooted environment i mean i have installed XAMP and i have installed it onother than c:\ drive but how can i "Remove the Everyone group, add the MySQL group, and give full control to the directory structure."
isnt this thing the one that i did in the first step creating the user, what I dont think so ,here is the second step
thanks for any help in this regard, and would be higly appreciated
regards omer
http://articles.techre public.com.com/5100-6350_11-5287638.html
and before i proceede i must tell you that iam using win xp professional sp2
where were given two main and very first step before you start making your program or start using your database
the first stepDefine your Users was alright i got that and did it but when i reached
the second step Confine your users i was confused to how to run my database in chrooted environment i mean i have installed XAMP and i have installed it onother than c:\ drive but how can i "Remove the Everyone group, add the MySQL group, and give full control to the directory structure."
isnt this thing the one that i did in the first step creating the user, what I dont think so ,here is the second step
Confine your users
Allowing a remote user to run a process on your server is inherently dangerous, but it happens every time you open a Web page or run a network application. The key to securing this remote access is limiting the local resource structure to a specific user process.
You can confine remote access to MySQL by running your database in a chroot environment. (Chroot changes the root directory and restricts a process to an isolated subset of the file system.)
[b]Windows Server 2000 or Windows Server 2003[b]
Follow the installation instructions, and install the database on a separate drive from your system drive (typically C:). Remove the Everyone group, add the MySQL group, and give full control to the directory structure.
If your database is colocated on your Web server, you need to disable access to TCP port 3306. This eliminates direct attacks from remote connections.
Allowing a remote user to run a process on your server is inherently dangerous, but it happens every time you open a Web page or run a network application. The key to securing this remote access is limiting the local resource structure to a specific user process.
You can confine remote access to MySQL by running your database in a chroot environment. (Chroot changes the root directory and restricts a process to an isolated subset of the file system.)
[b]Windows Server 2000 or Windows Server 2003[b]
Follow the installation instructions, and install the database on a separate drive from your system drive (typically C:). Remove the Everyone group, add the MySQL group, and give full control to the directory structure.
If your database is colocated on your Web server, you need to disable access to TCP port 3306. This eliminates direct attacks from remote connections.
regards omer
Comment