Security-Related mysqld Options
The following mysqld options affect security:
Table 5.5. Security Option/Variable Summary
Name | Cmd-Line | Option file | System Var | Status Var | Var Scope | Dynamic |
---|---|---|---|---|---|---|
allow-suspicious-udfs | Yes | Yes | ||||
automatic_sp_privileges | Yes | Global | Yes | |||
chroot | Yes | Yes | ||||
des-key-file | Yes | Yes | ||||
local_infile | Yes | Global | Yes | |||
local-infile | Yes | Yes | ||||
- Variable: local_infile | ||||||
old-passwords | Yes | Yes | Both | Yes | ||
- Variable: old_passwords | Yes | Both | Yes | |||
safe-user-create | Yes | Yes | ||||
secure-auth | Yes | Yes | Global | Yes | ||
- Variable: secure_auth | Yes | Global | Yes | |||
secure-file-priv | Yes | Yes | Global | No | ||
- Variable: secure_file_priv | Yes | Global | No | |||
skip-grant-tables | Yes | Yes | ||||
skip-name-resolve | Yes | Yes | Global | No | ||
- Variable: skip_name_resolve | Yes | Global | No | |||
skip-networking | Yes | Yes | Global | No | ||
- Variable: skip_networking | Yes | Global | No | |||
skip-show-database | Yes | Yes | Global | No | ||
- Variable: skip_show_database | Yes | Global | No |
--allow-suspicious-udfs
This option controls whether user-defined functions that have only an
xxx
symbol for the main function can be loaded. By default, the option is off and only UDFs that have at least one auxiliary symbol can be loaded; this prevents attempts at loading functions from shared object files other than those containing legitimate UDFs. See , "User-Defined Function Security Precautions".--local-infile[={0|1}]
If you start the server with
--local-infile=0
, clients cannot useLOCAL
inLOAD DATA
statements. See , "Security Issues withLOAD DATA LOCAL
".--old-passwords
Force the server to generate short (pre-4.1) password hashes for new passwords. This is useful for compatibility when the server must support older client programs. See , "Password Hashing in MySQL".
--safe-user-create
If this option is enabled, a user cannot create new MariaDB users by using the
GRANT
statement unless the user has theINSERT
privilege for themysql.user
table or any column in the table. If you want a user to have the ability to create new users that have those privileges that the user has the right to grant, you should grant the user the following privilege:GRANT INSERT(user) ON mysql.user TO '
user_name
'@'host_name
';This ensures that the user cannot change any privilege columns directly, but has to use the
GRANT
statement to give privileges to other users.--secure-auth
This option causes the server to block connections by clients that attempt to use accounts that have passwords stored in the old (pre-4.1) format. Use it to prevent all use of passwords employing the old format (and hence insecure communication over the network). Before MariaDB 5.6.5, this option is disabled by default. As of MariaDB 5.6.5, it is enabled by default; to disable it, use
--skip-secure-auth
.Server startup fails with an error if this option is enabled and the privilege tables are in pre-4.1 format. See "
Client does not support authentication protocol
".The mysql client also has a
--secure-auth
option, which prevents connections to a server if the server requires a password in old format for the client account.--secure-file-priv=
path
This option limits the effect of the
LOAD-FILE()
function and theLOAD DATA
andSELECT ... INTO OUTFILE
statements to work only with files in the specified directory.--skip-grant-tables
This option causes the server to start without using the privilege system at all, which gives anyone with access to the server unrestricted access to all databases. You can cause a running server to start using the grant tables again by executing mysqladmin flush-privileges or mysqladmin reload command from a system shell, or by issuing a MariaDB
FLUSH PRIVILEGES
statement after connecting to the server. This option also suppresses loading of plugins that were installed with theINSTALL PLUGIN
statement, user-defined functions (UDFs), and scheduled events. To cause plugins to be loaded anyway, use the--plugin-load
option.--skip-grant-tables
is unavailable if MariaDB was configured with theDISABLE_GRANT_OPTIONS
compiler flag. See , "MySQL Source-Configuration Options".--skip-name-resolve
Host names are not resolved. All
Host
column values in the grant tables must be IP addresses orlocalhost
.--skip-networking
Do not permit TCP/IP connections over the network. All connections to mysqld must be made using Unix socket files.
--skip-show-database
With this option, the
SHOW DATABASES
statement is permitted only to users who have theSHOW DATABASES
privilege, and the statement displays all database names. Without this option,SHOW DATABASES
is permitted to all users, but displays each database name only if the user has theSHOW DATABASES
privilege or some privilege for the database. Note that any global privilege is a privilege for the database.--ssl*
Options that begin with
--ssl
specify whether to permit clients to connect using SSL and indicate where to find SSL keys and certificates. See , "SSL Command Options".