Mysql socket security (Was: Re: i found something ugly about
freeBSD)
Melvyn Sopacua
freebsd-questions at webteckies.org
Fri Jan 30 17:12:58 PST 2004
On Friday 30 January 2004 10:20, Jorn Argelo wrote:
> It's up to the administrator of the server to make sure that users
> can't reach the /tmp partition then.
Ehm, you really don't want to advise this.
A proper solution:
/etc/my.cnf:
[mysqld]
socket = /var/run/mysql/socket
Then:
mkdir /var/run/mysql
chown mysql:staff /var/run/mysql
chmod 750 /var/run/mysql
This assumes users in group staff are allowed to access mysql. DO NOT use the
mysql group - that is best left with only the mysql user in it.
--
Melvyn
=======================================================
FreeBSD sarevok.webteckies.org 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Wed Jan 28
18:01:18 CET 2004
root at sarevok.lan.webteckies.org:/usr/obj/usr/src/sys/SAREVOK_NOAPM_NODEBUG
i386
=======================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: signature
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20040131/35391291/attachment-0001.bin
More information about the freebsd-questions
mailing list