摘要
针对MySQL开源数据库,具体分析其内部和外部的安全机制;重点分析了如何防止未经授权的文件系统访问和网络访问。通过与其他大型数据库的对比,指出MySQL84.-4@库存在的不安全隐患;总结了各种漏洞的存在对系统构成的风险,并给出相应的防范对策。最后,在以MySQL为后台数据库的网络环境中,进行了针对多种漏洞的攻击实验。
The paper presents the open source database MySQL, about a detailed analysis of its internal and external security mechanism, for example, the user security mechanism, the security mechanism based on the authorized form, the settings and the structures of the authorized form, access mechanism, etc. Analysis focused on how to prevent unauthorized access to the file system and network access. And by contrast to other large-scale databases, it shows the hidden dangers that exist in the MySQL database. Then, it sums up the risks of a variety of loopholes and the corresponding preventive measures. Finally, it shows the experiments, which attack against all kinds of loopholes in the network environment based on MySQL. The results show that MySQL database can resist the attack after security settings and the input pa- rameters filtering.
出处
《电脑知识与技术》
2012年第2期745-748,共4页
Computer Knowledge and Technology