-3

Let's say a hacker gains root access to a server containing password protected MySQL.

Well, if they simply reset the MySQL root password, given a few simple commands, doesn't that defeat the point in having it password protected in the first place?

For example, is there a well-practised technique in which one can segregate MySQL and prevent such a thing from happening? The only thing I could think of was, perhaps, moving the database to a different server altogether.

All thoughts welcome.

Edit

I understand that MySQL passwords allow for multiple accounts, with various permissions, and nothing more. My question is more focused on how to isolate the database, so if infiltrated one can't simply dip into your database records.

Luka
  • 1
    What makes you think the password protection is meant to shield you from people having root access for whatever reason? It's not. – Sven Aug 24 '16 at 12:15
  • Sorry, that made no sense. – Luka Aug 24 '16 at 13:01
  • 1
    The purpose of the password protection of MySQL is to allow different normal users to have different access rights according to their need. This even allows us to give someone admin (root) privileges to the DB but not to the OS. MySQL makes no claim at all that this would protect the DB from someone with OS root access, either regular admins or attackers that gained access. This doesn't make the password protection pointless - it's just generally accepted that all bets are off if someone gained OS root access to a machine. – Sven Aug 24 '16 at 13:23
  • Yes, that makes sense. I too would also state that the only use case for MySQL passwords is so you can manage multiple users with various permissions. – Luka Aug 24 '16 at 13:26

3 Answers

1

Exposing the root password to a hacker is the worst thing that can happen to your server. If this occurred on your production server, you shouldn't care about your MySQL db; you should immediately shut the server down, or at least isolate it from the network, rather on the physical layer. Then search for signs of intrusion on other servers and determine the root cause. You should never use a penetrated OS in production again. A hacker may leave a backdoor or a time bomb, spoof some binary file with his own, etc., so even if you eliminated all visible consequences of the intrusion, you are still in danger.
It is theoretically possible to protect something from root, but this is absolutely the wrong way in your case. You should focus on guarding the root password - disallow root ssh logins, avoid running daemons with root privileges, if possible, chroot them, etc.

user1700494
0

It's not really possible. The Root Account of a Linux System can access everything on the file system and therefore could also manually access the database file stored on the file system. I suggest disabling SSH root access and the use of SSH key files to prevent or make it more difficult for the attacker to gain access to your server.

  • My question was not asking how to secure a server via SSH keys... My question presumes the attacker has already gained access to a server... I'm looking for ways of securing a database given root privileges. – Luka Aug 24 '16 at 13:32
0

To reset the MySQL database root password from the command line you pretty much have to have root on the system so in effect all bets are off.

The process does, though, require that you stop the MySQL daemon, start it manually from the command line, make the change, and then stop that instance and restart the daemon. You should be monitoring your MySQL and you could catch something like that.

Moving your database to another server will help.

user9517
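
One way to monitor for the manual restart described in the answer above, as an added example that is not part of the original post: it scans `ps -eo pid,ppid,args` output for a database daemon that was not started by the service manager or that runs with an option that bypasses or rewrites account passwords. The option names are real mysqld options the page does not mention; the trusted-parent rule and the sample process table are assumptions made for illustration.

```python
import re

# Real mysqld options that bypass or rewrite account passwords
# (not named on the page; dashes and underscores are interchangeable).
RISKY_OPTS = ("--skip-grant-tables", "--init-file")
DB_NAMES = {"mysqld", "mariadbd"}
# Assumption: legitimate instances are children of PID 1 (init/systemd)
# or of the mysqld_safe wrapper. Adjust for your environment.
TRUSTED_PARENTS = {"mysqld_safe"}

def parse_ps(text):
    """Parse `ps -eo pid,ppid,args` output into {pid: (ppid, argv)}."""
    procs = {}
    for line in text.strip().splitlines():
        m = re.match(r"\s*(\d+)\s+(\d+)\s+(.*)", line)
        if m:  # the header line has no digits and is skipped
            procs[int(m.group(1))] = (int(m.group(2)), m.group(3).split())
    return procs

def names(argv, n=1):
    """Basenames of the first n argv words (n=2 covers `sh /path/script`)."""
    return {a.rsplit("/", 1)[-1] for a in argv[:n]}

def find_suspicious(text):
    """Return [(pid, [reasons])] for database daemons worth an alert."""
    procs = parse_ps(text)
    alerts = []
    for pid, (ppid, argv) in sorted(procs.items()):
        if not names(argv) & DB_NAMES:
            continue
        reasons = [f"option {a.split('=')[0]}" for a in argv[1:]
                   if a.split("=")[0].replace("_", "-") in RISKY_OPTS]
        pargv = procs.get(ppid, (0, []))[1]
        if ppid != 1 and not names(pargv, 2) & TRUSTED_PARENTS:
            reasons.append(f"started by {pargv[0] if pargv else 'unknown'} (pid {ppid})")
        if reasons:
            alerts.append((pid, reasons))
    return alerts

# Constructed sample process table, not captured from a real host.
SAMPLE = """
  PID  PPID COMMAND
    1     0 /sbin/init
  812     1 /usr/sbin/mysqld --datadir=/var/lib/mysql
 2040  2039 -bash
 2077  2040 /usr/sbin/mysqld --skip-grant-tables --user=mysql
"""

if __name__ == "__main__":
    for pid, reasons in find_suspicious(SAMPLE):
        print(pid, "; ".join(reasons))
```

Alerts produced on the database host itself can be silenced by whoever holds root there, so ship the process data to a separate monitoring system.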