Default MySQL security sucks. There is no super user privilege protection or tight filesystem security. What are the essentials for any initial MySQL installation? What is the minimum an Oracle DBA should understand and undertake for a neglected MySQL system? The MySQL privilege system provides several levels of data protection when implemented correctly; however, this is rarely used. The most common user permission implementation creates several security and auditing risks. What are your MySQL user permissions, and how can developers exploit them? There are ways to secure communications within a MySQL topology, approaches to managing exposed public-facing data collection via the BLACKHOLE storage engine, auditing plugin interfaces, and external authentication capabilities, with PAM and LDAP for example.
This presentation provides an overview and checklist of the essentials needed to improve MySQL security and provide an understanding of managing various levels of risk.