On 6/19/06, Lars Hansson <[EMAIL PROTECTED]> wrote:
On Monday 19 June 2006 18:12, Martynas Venckus wrote:
> I want to chroot mysql. So i chrooted it in /var/mysql (mysqld --chroot),
> but web applications could access mysql server only by network, which is
> not the most secure and fast way.
What's not secure about binding to localhost only?
protocol attacks on the application which talks to mysql?
if you use some php stuff (any php sutff ;) and talk to mysql, you can
manipulate the db by sql injection. if _then_ mysql has e.g. a hole
which allows it to be manipulated or broken out into a shell, a chroot
would help al lot ;)
--knitti
