Chapter 8 安全性
Table of Contents
- 8.1 General 安全性 Issues
- 8.2 访问控制和账户管理
-
- 8.2.1 账户用户名和密码
- 8.2.2 MySQL 提供的权限
- 8.2.3 授权表
- 8.2.4 指定账户名称
- 8.2.5 指定角色名称
- 8.2.6 访问控制,第一阶段:连接验证
- 8.2.7 访问控制,第二阶段:请求验证
- 8.2.8 添加账户、分配权限和删除账户
- 8.2.9 保留的帐户
- 8.2.10 使用角色
- 8.2.11 账户分类
- 8.2.12 使用部分撤销的权限限制
- 8.2.13 当权限更改生效
- 8.2.14 分配帐户密码
- 8.2.15 密码管理
- 8.2.16 密码过期的服务器处理
- 8.2.17 插件式认证
- 8.2.18 多因素认证
- 8.2.19 代理用户
- 8.2.20 账户锁定
- 8.2.21 设置帐户资源限制
- 8.2.22 解决连接 MySQL 问题
- 8.2.23 基于 SQL 的帐户活动审计
- 8.3 使用加密连接
- 8.4 安全性 Components and Plugins
- 8.5 MySQL 企业数据屏蔽和去标识化
- 8.6 MySQL 企业加密
- 8.7 SELinux
- 8.8 FIPS 支持
When thinking about security within a MySQL installation, you should consider a wide range of possible topics and how they affect the security of your MySQL server and related applications:
-
General factors that affect security. These include choosing good passwords, not granting unnecessary privileges to users, ensuring application security by preventing SQL injections and data corruption, and others. See Section 8.1, “General Security Issues”.
-
Security of the installation itself. The data files, log files, and the all the application files of your installation should be protected to ensure that they are not readable or writable by unauthorized parties. For more information, see Section 2.9, “Postinstallation Setup and Testing”.
-
Access control and security within the database system itself, including the users and databases granted with access to the databases, views and stored programs in use within the database. For more information, see Section 8.2, “Access Control and Account Management”.
-
The features offered by security-related plugins. See Section 8.4, “Security Components and Plugins”.
-
Network security of MySQL and your system. The security is related to the grants for individual users, but you may also wish to restrict MySQL so that it is available only locally on the MySQL server host, or to a limited set of other hosts.
-
Ensure that you have adequate and appropriate backups of your database files, configuration and log files. Also be sure that you have a recovery solution in place and test that you are able to successfully recover the information from your backups. See Chapter 9, Backup and Recovery.
Several topics in this chapter are also addressed in the Secure Deployment Guide, which provides procedures for deploying a generic binary distribution of MySQL Enterprise Edition Server with features for managing the security of your MySQL installation.