
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Server Installation
|
241
start with https:) to protect your connection. Even so, as Chapter 10 shows, the Web
is a tough environment to secure. I never feel quite safe using web-based admin tools
and tend to fall back on ssh or tunneling. You might compromise by using web tools
during the design phase with a test database and move to other administrative tools
for deployment.
Server Installation
Now that you’ve located your database server to protect against TCP exploits, you
need to select a safe version of MySQL to guard against any code-based vulnerabili-
ties.
Choosing a Version
Bug fixes, security fixes, performance enhancements, new features, and new bugs are
part of each new server release. You always want the most recent stable version. At
the time of writing, MySQL Server 4.1 is production, and 5.0 is the development
tree. Old 3.x releases still abound, the most recent being 3.23.58. If you’re running
an older version of mySQL, make sure it’s newer than 3.23.55 to avoid a remote
MySQL root account (not Linux root) exploit. Make the move to 4.1 if you can,
because there are many improvements. Here are some useful links to keep up with
new problems as they’re discovered:
Vulnerabilities
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=mysql
Bugs
http://bugs.mysql.com/search.php
Change ...