5

My mysql server is configured to not allow remote connections.

Should I seriously care about mysql user and password in this case?

Surfer on the fall

1 Answer

9

It is very good that the mysql server is not required to support remote connections because it greatly reduces the attackable surface.

But you should consider defence in depth as a strategy to slow down an attacker or even reduce the impact of an attack.

Setting up a good password for the database users is no significant amount of work, so you should do that. The same is true for permissions that are likely not needed, such as executing shell commands or creating stored procedures.

Fine tuning the permissions of the database users might be more difficult. So it might be more effective to spend effort elsewhere first, for example reviewing a web application for SQL injection vulnerabilities.

Hendrik Brummermann
  • Whilst it's not entirely necessary, I take this strategy to near-extremes by running one of my more sensitive webapps over multiple SQL users, each with their own permissions. Each user is tuned to a specific role, and it's selected based on if a user is logged in, and which page they're using. Anonymous (i.e. non-logged-in) users only get `SELECT` access to certain tables, and `INSERT` access to log tables. It greatly reduces the attack surface. Of course, proper use of parameterized queries negates any injection possibility. – Polynomial Aug 05 '12 at 12:43
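As an added example (not from the question, the answer or the comment above): the per-role MySQL users Polynomial describes and the privilege trimming the answer recommends, written as MySQL statements. The database `shop`, its tables, the user names and the password placeholders are assumptions for illustration; the `mysql.user` column name in the final check applies to MySQL 5.7 and later.

```sql
-- Hypothetical schema: database `shop` with tables `products`, `accounts`, `access_log`.
-- Passwords are placeholders; replace them with long random values before use.

-- 1. One account per role, bound to localhost only. The server already refuses
--    remote connections, but the host part still matters on a shared machine.
CREATE USER 'app_anon'@'localhost'   IDENTIFIED BY '<long-random-password-1>';
CREATE USER 'app_member'@'localhost' IDENTIFIED BY '<long-random-password-2>';
CREATE USER 'app_admin'@'localhost'  IDENTIFIED BY '<long-random-password-3>';

-- 2. Anonymous visitors: read a few tables, append to the log, nothing else.
--    Column-level SELECT keeps internal columns out of reach even on readable tables.
GRANT SELECT (id, name, price) ON shop.products TO 'app_anon'@'localhost';
GRANT INSERT ON shop.access_log               TO 'app_anon'@'localhost';

-- 3. Logged-in members: additionally read and update account rows.
--    MySQL grants are per table/column; restricting members to *their own*
--    rows is the application's job (WHERE account_id = ? in every query).
GRANT SELECT ON shop.products         TO 'app_member'@'localhost';
GRANT SELECT, UPDATE ON shop.accounts TO 'app_member'@'localhost';
GRANT INSERT ON shop.access_log       TO 'app_member'@'localhost';

-- 4. Admin pages: full DML on the application schema, still no global privileges
--    (no FILE, SUPER, CREATE ROUTINE or GRANT OPTION), so an injection in an
--    admin page cannot read server files or install routines.
GRANT SELECT, INSERT, UPDATE, DELETE ON shop.* TO 'app_admin'@'localhost';

-- 5. Check each role: every line should be scoped to shop.<table> or shop.*;
--    anything beyond "GRANT USAGE ON *.*" means a global privilege crept in.
SHOW GRANTS FOR 'app_anon'@'localhost';
SHOW GRANTS FOR 'app_member'@'localhost';
SHOW GRANTS FOR 'app_admin'@'localhost';

-- 6. Remediating a legacy account that was created with broad rights:
--    strip everything, then re-grant only what its role needs.
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'legacy_app'@'localhost';
GRANT SELECT, INSERT, UPDATE, DELETE ON shop.* TO 'legacy_app'@'localhost';

-- 7. Password hygiene check: accounts with no credential at all, plus any
--    account that is still reachable from a non-local host.
SELECT user, host FROM mysql.user WHERE authentication_string = '';
SELECT user, host FROM mysql.user WHERE host NOT IN ('localhost', '127.0.0.1', '::1');
```

The application then opens its connection with the role that matches the current page and session, as the comment describes, and keeps using parameterized queries regardless of which role is active.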