Difference between revisions of "Reviewing MySQL Security"
(New page: ==Introduction== As part of the code review you may need to step outside the code review box to assess the security of a database such as MySQL. The following covers areas which could be ...)
Line 33: | Line 33: | ||
Select * from tables_priv | Select * from tables_priv | ||
where Table_priv = 'Alter'; | where Table_priv = 'Alter'; | ||
+ | |||
+ | ====User privileges==== | ||
+ | Here we can check which users have access to perform potentially malicious actions on the database. "Least privilege" is the key point here: | ||
+ | |||
+ | |||
+ | Select * from user where | ||
+ | Select_priv = 'Y' or Insert_priv = 'Y' | ||
+ | or Update_priv = 'Y' or Delete_priv = 'Y' | ||
+ | or Create_priv = 'Y' or Drop_priv = 'Y' | ||
+ | or Reload_priv = 'Y' or Shutdown_priv = 'Y' | ||
+ | or Process_priv = 'Y' or File_priv = 'Y' | ||
+ | or Grant_priv = 'Y' or References_priv = ‘Y' | ||
+ | or Index_priv = 'Y' or Alter_priv = 'Y'; | ||
+ | |||
+ | Select * from host | ||
+ | where Select_priv = 'Y' or Insert_priv = 'Y' | ||
+ | or Create_priv = 'Y' or Drop_priv = 'Y' | ||
+ | or Index_priv = 'Y' or Alter_priv = 'Y'; | ||
+ | or Grant_priv = 'Y' or References_priv = ‘Y' | ||
+ | or Update_priv = 'Y' or Delete_priv = 'Y' | ||
+ | |||
+ | Select * from db | ||
+ | where Select_priv = 'Y' or Insert_priv = 'Y' | ||
+ | or Grant_priv = 'Y' or References_priv = ‘Y' | ||
+ | or Update_priv = 'Y' or Delete_priv = 'Y' | ||
+ | or Create_priv = 'Y' or Drop_priv = 'Y' | ||
+ | or Index_priv = 'Y' or Alter_priv = 'Y'; |
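Review bot: the host-table query in this hunk is not valid SQL as written: the line `or Index_priv = 'Y' or Alter_priv = 'Y';` terminates the statement, so the two lines that follow it (`or Grant_priv = 'Y' or References_priv = ‘Y'` and `or Update_priv = 'Y' or Delete_priv = 'Y'`) become a second, syntactically broken statement with no terminator of its own; move the `;` to after `Delete_priv = 'Y'`. All three queries also compare References_priv against `‘Y'`, with a curly opening quote in place of a straight one, which MySQL rejects; replace it with `'Y'`. Consider adding Super_priv to the user query as well, since it sits alongside File_priv and Shutdown_priv in impact.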
Revision as of 14:24, 24 October 2007
Introduction
As part of a code review you may need to step outside the code itself and assess the security of the database the application relies on, such as MySQL. The following covers areas that should be looked at:
Privileges
Grant_priv: Allows a user to grant their own privileges to other users (the GRANT OPTION). Because it lets a compromised account spread its access to others, it should be restricted to the DBA and the owners of the data (table owners).
Run these with the mysql database selected (or prefix each table with mysql.):

Select * from user where Grant_priv = 'Y';
Select * from db where Grant_priv = 'Y';
Select * from host where Grant_priv = 'Y';
Select * from tables_priv where FIND_IN_SET('Grant', Table_priv);

Table_priv in tables_priv is a SET column, so FIND_IN_SET is used rather than Table_priv = 'Grant', which would only match rows whose entire privilege set is exactly Grant.
Alter_priv: Determine who has access to make changes to the database structure (the ALTER privilege) at the global, database and table levels.
Select * from user where Alter_priv = 'Y';
Select * from db where Alter_priv = 'Y';
Select * from host where Alter_priv = 'Y';
Select * from tables_priv where FIND_IN_SET('Alter', Table_priv);
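The Grant and Alter checks above can be combined into a single pass over every privilege level. The block below is an added example for this page, not code from the original; it assumes a connection that can read the mysql schema. The first part keeps the grant-table approach but tests the SET column in tables_priv with FIND_IN_SET; the second part asks the same question through the INFORMATION_SCHEMA privilege views that exist since MySQL 5.0, where IS_GRANTABLE = 'YES' on a row marks the GRANT OPTION, so the check does not depend on the layout of the grant tables. The account name in the commented SHOW GRANTS at the end is hypothetical.

```sql
-- Added example (not from the original page): who holds GRANT OPTION or ALTER
-- at the global, database and table level. Assumes SELECT on the mysql schema.

-- 1. Grant tables. Global and database levels use ENUM('N','Y') columns,
--    so an equality test is correct there.
SELECT 'global' AS priv_level, Host, User, NULL AS target,
       Grant_priv, Alter_priv
  FROM mysql.user
 WHERE Grant_priv = 'Y' OR Alter_priv = 'Y';

SELECT 'database' AS priv_level, Host, User, Db AS target,
       Grant_priv, Alter_priv
  FROM mysql.db
 WHERE Grant_priv = 'Y' OR Alter_priv = 'Y';

-- Table level: Table_priv is a SET, so test membership rather than equality;
-- Table_priv = 'Grant' would only match rows whose entire set is Grant.
SELECT 'table' AS priv_level, Host, User,
       CONCAT(Db, '.', Table_name) AS target, Table_priv
  FROM mysql.tables_priv
 WHERE FIND_IN_SET('Grant', Table_priv) > 0
    OR FIND_IN_SET('Alter', Table_priv) > 0;

-- 2. Same question through INFORMATION_SCHEMA: one row per grantee and privilege.
--    IS_GRANTABLE = 'YES' on a row means the grantee also holds GRANT OPTION there.
SELECT 'global' AS priv_level, GRANTEE, NULL AS target, PRIVILEGE_TYPE, IS_GRANTABLE
  FROM INFORMATION_SCHEMA.USER_PRIVILEGES
 WHERE IS_GRANTABLE = 'YES' OR PRIVILEGE_TYPE = 'ALTER'
UNION ALL
SELECT 'database', GRANTEE, TABLE_SCHEMA, PRIVILEGE_TYPE, IS_GRANTABLE
  FROM INFORMATION_SCHEMA.SCHEMA_PRIVILEGES
 WHERE IS_GRANTABLE = 'YES' OR PRIVILEGE_TYPE = 'ALTER'
UNION ALL
SELECT 'table', GRANTEE, CONCAT(TABLE_SCHEMA, '.', TABLE_NAME), PRIVILEGE_TYPE, IS_GRANTABLE
  FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES
 WHERE IS_GRANTABLE = 'YES' OR PRIVILEGE_TYPE = 'ALTER'
ORDER BY GRANTEE, priv_level, target;

-- 3. Spot-check one account (hypothetical name) and read its WITH GRANT OPTION clauses.
-- SHOW GRANTS FOR 'app'@'%';
```

The INFORMATION_SCHEMA form lists each privilege as its own row, so an account with GRANT OPTION shows IS_GRANTABLE = 'YES' on every privilege it holds at that level; filtering on PRIVILEGE_TYPE = 'ALTER' picks up the Alter check without touching the grant tables at all.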
User privileges
Here we check which users are able to perform potentially damaging actions on the database. Least privilege is the key point here: an account should hold only the privileges its function requires.
Select * from user where
Select_priv = 'Y' or Insert_priv = 'Y'
or Update_priv = 'Y' or Delete_priv = 'Y'
or Create_priv = 'Y' or Drop_priv = 'Y'
or Reload_priv = 'Y' or Shutdown_priv = 'Y'
or Process_priv = 'Y' or File_priv = 'Y'
or Grant_priv = 'Y' or References_priv = 'Y'
or Index_priv = 'Y' or Alter_priv = 'Y';

Select * from host
where Select_priv = 'Y' or Insert_priv = 'Y'
or Create_priv = 'Y' or Drop_priv = 'Y'
or Index_priv = 'Y' or Alter_priv = 'Y'
or Grant_priv = 'Y' or References_priv = 'Y'
or Update_priv = 'Y' or Delete_priv = 'Y';

Select * from db
where Select_priv = 'Y' or Insert_priv = 'Y'
or Grant_priv = 'Y' or References_priv = 'Y'
or Update_priv = 'Y' or Delete_priv = 'Y'
or Create_priv = 'Y' or Drop_priv = 'Y'
or Index_priv = 'Y' or Alter_priv = 'Y';

The host table exists only in MySQL releases before 5.6.7, which removed it; on later servers skip that query.
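The three queries above return every row where any privilege is set, which on a real server is most of them. A reviewer usually wants one row per account showing how wide its global access is, which of its privileges are server-compromising on their own, and whether the account is anonymous or reachable from any host. The block below is an added example, not code from the original page; it assumes SELECT on the mysql schema and uses only mysql.user and mysql.db columns present from MySQL 5.0 onward (Super_priv, Execute_priv and Create_user_priv are not in the page's list but belong in the same review). The account and schema names in the REVOKE/GRANT at the end are hypothetical.

```sql
-- Added example (not from the original page): one row per global account,
-- worst privileges first. Assumes SELECT on the mysql schema.

SELECT Host, User,
       -- privileges that by themselves give file-system, server or account control
       CONCAT_WS(',',
           IF(File_priv        = 'Y', 'FILE',         NULL),
           IF(Super_priv       = 'Y', 'SUPER',        NULL),
           IF(Process_priv     = 'Y', 'PROCESS',      NULL),
           IF(Shutdown_priv    = 'Y', 'SHUTDOWN',     NULL),
           IF(Reload_priv      = 'Y', 'RELOAD',       NULL),
           IF(Grant_priv       = 'Y', 'GRANT OPTION', NULL),
           IF(Create_user_priv = 'Y', 'CREATE USER',  NULL)) AS high_impact,
       -- how many of the global privilege flags are set at all (CONCAT_WS skips
       -- NULLs, so high_impact is '' for an account with none of the above)
       (Select_priv = 'Y') + (Insert_priv = 'Y') + (Update_priv = 'Y')
     + (Delete_priv = 'Y') + (Create_priv = 'Y') + (Drop_priv   = 'Y')
     + (Reload_priv = 'Y') + (Shutdown_priv = 'Y') + (Process_priv = 'Y')
     + (File_priv   = 'Y') + (Grant_priv  = 'Y') + (References_priv = 'Y')
     + (Index_priv  = 'Y') + (Alter_priv  = 'Y') + (Super_priv  = 'Y')
     + (Execute_priv = 'Y') + (Create_user_priv = 'Y') AS global_priv_count,
       -- account hygiene: anonymous users and accounts valid from any host
       (User = '')  AS is_anonymous,
       (Host = '%') AS any_host
  FROM mysql.user
 ORDER BY (high_impact <> '') DESC, global_priv_count DESC, Host, User;

-- Database-level grants that an ordinary application account should not have:
-- schema DDL, index changes and the ability to re-grant.
SELECT Host, Db, User
  FROM mysql.db
 WHERE Grant_priv = 'Y' OR Create_priv = 'Y' OR Drop_priv = 'Y'
    OR Alter_priv = 'Y' OR Index_priv = 'Y' OR References_priv = 'Y';

-- Remediation pattern: strip an application account back to schema-scoped DML.
-- 'app'@'10.0.0.%' and appdb are hypothetical names; substitute the real account.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'app'@'10.0.0.%';
GRANT SELECT, INSERT, UPDATE, DELETE ON appdb.* TO 'app'@'10.0.0.%';
-- GRANT and REVOKE take effect immediately; FLUSH PRIVILEGES is only needed
-- after editing the grant tables directly with INSERT or UPDATE.
SHOW GRANTS FOR 'app'@'10.0.0.%';
```

Any non-empty high_impact value on an application account is a finding in its own right: FILE reads and writes files as the server process, SUPER and SHUTDOWN control the server, and GRANT OPTION lets the account hand its access to others. On MySQL 8.0 also check mysql.global_grants, which holds the dynamic privileges that do not appear as columns in mysql.user.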