NYCPHP Meetup

[Anthony Wlodarski]

I don't know what type of OS this is on Nix/Windows/Other but when MySQL creates a default slow queries log file for Ubuntu it places this in /var/log/mysql which is not accessible to anyone other than super user.  By default this file is 640 so that owners and groups may access it.  For example on Ubuntu if you part of the "adm" group you can read the file.  I would steer away from global reading permissions on that log.

Going into the background on this why do you want to enable all users to read the file?  If so I would recommend creating a group and adding users to the group for viewing permissions.  The logs information could be used against you negatively if an attacker stumbles upon your file (somehow made available through your webserver) and knows how your database reads and writes the information passed to it.

Internally no daemons such as the MySQL Daemon will bark about permissions to the file as they have access to the log by default.

-----Original Message-----
From: "Matt Juszczak" <matt at atopia.net>
Sent: Tuesday, September 7, 2010 2:09pm
To: talk at lists.nyphp.org
Subject: [nycphp-talk] MySQL slow query log/general mysql log

Hi folks,

Has anyone ever seen any negative effects of changing the permissions of 
the MySQL slow query log (not changing umask or anything like that) once 
MySQL has created the file?  I'd like to make it 755 to allow for global 
read only access.

-Matt
_______________________________________________
New York PHP Users Group Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk

http://www.nyphp.org/Show-Participation



Anthony Wlodarski
Lead Software Engineer
[http://www.dating2p0.com] Dating 2.0
646 285 0500 x217
anthony at dating2p0.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nyphp.org/pipermail/talk/attachments/20100907/c5bdec65/attachment.html>