Results 1 to 3 of 3

Thread: Secure MySQL installation

  1. #1

    Thread Starter
    PowerPoster make me rain's Avatar
    Join Date
    Sep 2008
    Location
    india/Hubli
    Posts
    2,208

    Question Secure MySQL installation

    i don't know excatly where to post this doubt, i feel by name it is a right place

    i have installed MySQL on my windows XP os so as the data files resides in
    c:\program files\Mysql\data\.....
    and the back up files (.sql) are also available on the same system

    and these files are so vulnarable any other user even though he is not an administrator of my system can easily delete these files
    & couse serious worries

    basically kindly advise please , how to safe guard my MySQL installation please

  2. #2
    PowerPoster dilettante's Avatar
    Join Date
    Feb 2006
    Posts
    24,487

    Re: Secure MySQL installation

    Well the first suggestion is that you not put read/write data of any kind under Program Files. It isn't supposed to be there, and under later versions of Windows only admins can write there anyway.

    The second thing is to have only one admin user on the system and make sure it has a password, and control who has access to it.

    The third thing is to create a proper data folder elsewhere, such as under your user profile, and set its security so that other users do not have access to it.


    All of this is quite standard advice. The real question is why you didn't do this in the first place? Is there something else you haven't mentioned?

  3. #3

    Thread Starter
    PowerPoster make me rain's Avatar
    Join Date
    Sep 2008
    Location
    india/Hubli
    Posts
    2,208

    Question Re: Secure MySQL installation

    the last point reason is i am un aware of setting up & playing with windows security, because many other peaoples are using the same system

    hence i never touched the security part

    but now after your advise i kept only one user who is the member of 'administrators" group
    and remaining users are the members of :user" group

    now what i found is any member of user if trys to

    (1) uninstall any program system is not obeying
    (2) trys to delete any program files in c:\program files system is telling as no rights to delete

    but your seggestion as
    "The third thing is to create a proper data folder elsewhere, such as under your user profile, and set its security so that other users do not have access to it."
    this one i am unable to fallow.

    is it possible to deny access to users other than admins to any of the said drives say for example drive "D:\" is protected from other users

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width