# Is my Mysql secure?

## audiodef

I posed my question to someone whose opinion I value, and got an excellent response. 

I'm now curious to hear from other people, though, especially from both db admins and security people. 

I've set up my server - a VPS on which I host two TLD sites and several sub-domains - so that there's only one Mysql user - root (Mysql root, not server root, just to be clear). Root does not have remote access. All web apps connect to localhost. 

My thinking is that since root has no remote access, it should be safe enough for me to just use it for web apps that only connect to localhost. Anyone who has managed to break into my server as server root would then be able to do whatever they want no matter how I rig my Mysql users anyway. 

All changes I make to the database are done either via ssh at the server root prompt or through a db web app behind both SSL and mod_auth_imap2 (to which I supply the Mysql root password). 

Am I using a reasonably secure approach to this? Or should I absolutely do something better in some way?

----------

## Hu

Do all your web applications on that machine require full control of the database?  If not, I would run them under alternate MySQL credentials with less access.  Consider the situation that your web application has a SQL injection vulnerability, allowing an attacker to insert arbitrary SQL text, but not to run arbitrary code or read/write any files on the machine.  In such a scenario, the compromised web application would allow the attacker to make any database changes that the web application's user can make.

----------

## audiodef

Now that I think about it, not even something like phpmyadmin requires root, right? It doesn't need things like grant privs, as far as I know. So maybe I should set up Mysql users for web apps.

----------

