MySQL Users.

Anon

Hi,

im gonna run some mydql dbs and access them with PHP. my question is.. should i run the dbs as root? or create a new user.. with less privs to run them from? are there many security issues with MySQL databases??

thnx

sourcecode

Yes, you should create a new user without root permissions to run MySQL.
MySQL has not any root compromising issue(last versions), like exploits etc. But, in order to keep your machine safer and decrease the possibility of an attacker to insert malicious commands in your database or append files with LOAD(e.g. /etc/shadow), you should run it as a normal user. Ufa!

Regards,

Leonardo Eloy 🙂