PDA

View Full Version : mysql security question


clark61
9th April 2009, 20:25
Hi all,
a question about security
during the setup we comment bind_address 127.0.0.1 in /etc/mysql/my.cf.
Why we want that mysql listen on all addresess?
Isn't a risk for possibles attaks mysql injection?
Many thanks

till
10th April 2009, 11:12
Why we want that mysql listen on all addresess?

It need sto listen on all addresses if you want to use a multiserver setup or if your clients shall be able to access it from outside. If you dont want tit to be accessible from outside you can also block it by enabling the firewall.

Isn't a risk for possibles attaks mysql injection?

No. Mysql injection attacks are done trough vulnerabble scripts on your server as these scripts are already logged into the server. These scripts are connectiong to 127.0.0.1 anyway so this makes no difference.