HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=25)
-   -   mysql security question (http://www.howtoforge.com/forums/showthread.php?t=33467)

clark61 9th April 2009 19:25

mysql security question
 
Hi all,
a question about security
during the setup we comment bind_address 127.0.0.1 in /etc/mysql/my.cf.
Why we want that mysql listen on all addresess?
Isn't a risk for possibles attaks mysql injection?
Many thanks

till 10th April 2009 10:12

Quote:

Why we want that mysql listen on all addresess?
It need sto listen on all addresses if you want to use a multiserver setup or if your clients shall be able to access it from outside. If you dont want tit to be accessible from outside you can also block it by enabling the firewall.

Quote:

Isn't a risk for possibles attaks mysql injection?
No. Mysql injection attacks are done trough vulnerabble scripts on your server as these scripts are already logged into the server. These scripts are connectiong to 127.0.0.1 anyway so this makes no difference.


All times are GMT +2. The time now is 10:09.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.