Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid

Answer: Security using MySQL & CGI

by athomason (Curate)
on May 17, 2000 at 10:06 UTC ( #12043=categorized answer: print w/replies, xml ) Need Help??

Q&A > database programming > How can I secure MySQL & CGI? - Answer contributed by athomason

It seems you want to protect three different things: the password stored in your scripts, the password sent over the network while authenticating to mysqld (either on localhost or remotely), and the records themselves. I'll treat each separately.

1) You can secure the passwords stored on disk from everybody but root by putting the login information only in .my.cnf as mentioned in the doc referenced by btrott, and then having all your scripts use that. The line I have in all my scripts is

$dbh = DBI->connect("dbi:mysql:;mysql_read_default_file=/home/username +/.my.cnf", "", "", {RaiseError => 1 , PrintError => 1});
Of course, make sure .my.cnf has file permissions 0600, or you defeat the whole purpose ;-).

2) MySQL doesn't advertise itself as secure or terribly reliable (as RDBMS's go), but you may be able achieve some security through obscurity from casual packet snoopers, if there is such a thing. According to the O'Reilly DBI book, later versions of MySQL allow you to compress connections. I don't know whether this concerns the only record transmission or the login procedure as well, so I strongly suggest you research it before using it (I couldn't find anything in the mysql doc TOC). In any case, you can use the feature from DBI by passing the attribute "mysql_compression=1" in the connect statement.

3) Apart from the compression, there's not anything you can do with MySQL encryption-wise, AFAIK. Like the other posters mentioned, you really need to look into a more highly powered DB if this concerns you.

Log In?

What's my password?
Create A New User
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others imbibing at the Monastery: (7)
As of 2019-10-18 13:58 GMT
Find Nodes?
    Voting Booth?