Tweet
Hello,
I am fairly new to MySQL, I am learning it as I go. One question I have is, what is the tightest security I can setup for the MySQL directory? Is there much risk in leaving it open with the default "Everyone" having full control? I am not sure I understand why this is the default, but anyway...
I am running
Windows 2000 Adavanced Server SP4 (NTFS)
IIS 5.0
My application for MySQL is currently just forums (PHPBB2). It uses the MySQL database to store all data. In the future, I want to create dynamic webforms using PHP, and interface to the MySQL database from a webpage. How do I need to setup NTFS to have the tighest security possible on the web, while allowing me to preform these functions? Which directories in the MySQL root need read/write/modify access?
My current feeling is to remove "Everyone" from the MySQL root on down. Then add administrators with full control, and IUSR_server_name with read/write access. Do I need execute? Is write access even neccisarry? Am I correct in understanding that everything within IIS uses the IUSR_server_name account to access these resources?
If anyone could help a poor noob out and answer these questions, I would greatly apprieciate it. Perhaps you could even explain why you gave the answers you give.
Thanks, David
I am fairly new to MySQL, I am learning it as I go. One question I have is, what is the tightest security I can setup for the MySQL directory? Is there much risk in leaving it open with the default "Everyone" having full control? I am not sure I understand why this is the default, but anyway...
I am running
Windows 2000 Adavanced Server SP4 (NTFS)
IIS 5.0
My application for MySQL is currently just forums (PHPBB2). It uses the MySQL database to store all data. In the future, I want to create dynamic webforms using PHP, and interface to the MySQL database from a webpage. How do I need to setup NTFS to have the tighest security possible on the web, while allowing me to preform these functions? Which directories in the MySQL root need read/write/modify access?
My current feeling is to remove "Everyone" from the MySQL root on down. Then add administrators with full control, and IUSR_server_name with read/write access. Do I need execute? Is write access even neccisarry? Am I correct in understanding that everything within IIS uses the IUSR_server_name account to access these resources?
If anyone could help a poor noob out and answer these questions, I would greatly apprieciate it. Perhaps you could even explain why you gave the answers you give.
Thanks, David