php_mysql_apache [Electronic resources]

Julie C. Meloni

نسخه متنی -صفحه : 323/ 27
نمايش فراداده

Workshop

The workshop is designed to help you anticipate possible questions, review what you've learned, and begin learning how to put your knowledge into practice.

Quiz

1:

True or False: Telnet is a perfectly acceptable method to securely connect to MySQL from a remote host.

2:

Which three pieces of information does MySQL check each time a request is made?

3:

What command would you use to grant SELECT, INSERT, and UPDATE privileges to a user named bill on localhost to all tables on the BillDB database? Also, what piece of information is missing from this statement that is recommended for security purposes?

Answers

A1:

False. The key word is

secure , and Telnet does not encrypt data between hosts. Instead, use SSH to connect to your server.

A2:

Who you are, where you are accessing from, and what actions you're allowed to perform.

A3:

The command is

GRANT SELECT, INSERT, UPDATE
ON BillDB.*
TO bill@localhost;

The important missing piece is a password for the user!
 Activities


1:
Think of situations in which you might want to restrict command access at the table level. For example, you wouldn't want the intern-level administrator to have shutdown privileges for the corporate database.
2:
If you have administrative privileges in MySQL, issue several GRANT commands to create dummy users. It doesn't matter whether the tables and databases you name are actually present.
3:
Use REVOKE to remove some of the privileges of the users you created in activity 2.