Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 31 Jan 2004 02:12:56 +0100
From:      Melvyn Sopacua <freebsd-questions@webteckies.org>
To:        freebsd-questions@FreeBSD.org
Subject:   Mysql socket security (Was: Re: i found something ugly about freeBSD)
Message-ID:  <200401310212.56222.freebsd-questions@webteckies.org>
In-Reply-To: <200401301020.55607.jorn@wcborstel.nl>
References:  <BAY2-DAV21CCF3gl6mP0001c1c9@hotmail.com> <200401301020.55607.jorn@wcborstel.nl>
next in thread | previous in thread | raw e-mail | index | archive | help 

--Boundary-02=_YEwGAQPS578wmkA
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

On Friday 30 January 2004 10:20, Jorn Argelo wrote:

> It's up to the administrator of the server to make sure that users
> can't reach the /tmp partition then.

Ehm, you really don't want to advise this.

A proper solution:

/etc/my.cnf:
[mysqld]
socket =3D /var/run/mysql/socket

Then:
mkdir /var/run/mysql
chown mysql:staff /var/run/mysql
chmod 750 /var/run/mysql

This assumes users in group staff are allowed to access mysql. DO NOT use t=
he=20
mysql group - that is best left with only the mysql user in it.

=2D-=20
Melvyn

=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D
=46reeBSD sarevok.webteckies.org 5.2-CURRENT FreeBSD 5.2-CURRENT #0: Wed Ja=
n 28=20
18:01:18 CET 2004    =20
root@sarevok.lan.webteckies.org:/usr/obj/usr/src/sys/SAREVOK_NOAPM_NODEBUG =
=20
i386
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D

--Boundary-02=_YEwGAQPS578wmkA
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQBAGwEYOv9JNmfFN5URAhpdAJsGnqiGJ17OmnbigUe9Y2rz06AvSgCfYpTU
dzibXhoB725Vc+ICMwkOIpU=
=hq6l
-----END PGP SIGNATURE-----

--Boundary-02=_YEwGAQPS578wmkA--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200401310212.56222.freebsd-questions>