|
|
|
|
| |
Install your own rogue MySQL server on the server host, but with a port, socket, and data directory that are different from those used by the official server.
Run mysql_install_db to initialize your data directory. This action gives you full access to your server as the MySQL root user and sets up a test database that can serve as a convenient repository for stolen tables.
Access the data directory of the server you want to attack, copying the files corresponding to the table or tables that you want to steal into the test directory under your own server's data directory. This action requires only read access to the targeted data directory.
Start your rogue server. Presto! Its test database now contains copies of the stolen tables, which you can access at will. SHOW TABLES FROM test shows which tables you have a copy of, and SELECT * shows the entire contents of any of them.
If you want to be really nasty, open up the permissions on the anonymous user accounts for your server so that anyone can connect to the server from any host to access your test database. That effectively publishes the stolen tables to the world.
Think about this scenario for a moment, and then reverse the perspective. Do you want someone to do that to you? Of course not. So protect yourself using the instructions in the following discussion.
Securing Your MySQL Installation
The procedure described here shows how to set up ownerships and access modes for the directories and files that make up your MySQL installation. The instructions here use mysqladm and mysqlgrp for the user and group names that are to be given ownership of the installation. The instructions also assume initially a standard layout such that all parts of your MySQL installation are located under a single base directory, rather than having different parts of it installed in various places throughout your file system. The installation base directory is /usr/local/mysql and the data directory is under that with a pathname of /usr/local/mysql/data. After going through the procedure, I'll describe how to handle some non-standard types of installation layouts. Your system layout may vary from any of those described here, but you should be able to adapt the general principles appropriately. Change the names and pathnames as necessary for your own system. If you run multiple servers, you should perform the procedure for each one.
You can determine whether your data directory contains insecure files or directories by executing ls-l. Look for files or directories that have the "group" or "other" permissions turned on. The following is a listing of a data directory that is insecure, as are some of the database directories within it:
Some of those database directories have proper permissions: drwx------ allows read, write, and execute access to the owner, but no access to anyone else. But other directories have an overly-permissive access mode: drwxrwxr-x allows read and execute access to all other users, even those outside of the mysqlgrp group. The situation shown in this example is one that resulted over time, starting with an older MySQL installation that was progressively upgraded to successive newer versions. The less-restrictive permissions were created by older MySQL servers that were less stringent than more recent servers about setting permissions. (Notice that the more restrictive database directories, menagerie, sampdb, and tmp, all have more recent dates.) The behavior of a MySQL server now is to set the permissions on database directories that it creates to be accessible only to the account it runs as.
The data directory permissions and ownership need to be changed, as already indicated. One other change you might make is to restrict access to the libexec directory, which is where the mysqld server lives. Nobody but the MySQL administrator needs access to the server, so you can make that directory private to mysqladm.
To correct problems such as those just described, use the following procedure. The general idea is to lock down everything to be accessible only to mysqladm except for those parts of the installation that other users have a legitimate need to access:
If the MySQL server is running, shut it down:
% mysqladmin -p -u root shutdown
Set the owner and group name assignments of the entire MySQL installation to those of the MySQL administrative account using the following command, which you must execute as root:
# chown -R mysqladm.mysqlgrp /usr/local/mysql
Another popular approach is to make everything owned by root except the data directory, which you can accomplish like this:
# chown -R root.mysqlgrp /usr/local/mysql
# chown -R mysqladm.mysqlgrp /usr/local/mysql/data
If you set the general ownership to root, you'll need to perform most of the following steps as root. Otherwise, you can perform them as mysqladm.
|
|
|
|
|
|
| Link Partners: Asia florist, Flowers to India, Hong kong flowers, Site submit, Cheap web hosting, China florist, Japan florist |
|
