Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

MySQL Read-Only column based

Tags:

security

mysql

openx

advertisement-server

I want to lock some fields/columns in a MySQL-Database, is this somehow possible?

Backgorund: We are using Revive also known as OpenX (of course the latest version) but it get hacked all the time. Especially the fields prepend and append in the ox_zone table.

What we already did to secure the system:

  • The Adserver is on a different Server
  • The Backend is not at the default location anymore
  • The Backend is secured by an .htaccess and .htpasswd
  • We removed all install files
  • We check the Core-Files every minute with the remote Git-Repo to ensure that we dont have compromised files (unauthorized file changes)
  • We removed the file: adxmlrpc.php Because its known as entry point for attackers
  • And some nice other tricks which I dont remember now...

But still sometimes the columns prepend and append are compromised, so I thought it would be great if we could lock these fields or set them to read only.

But I am of course up for any other solution.

like image 581
TatzyXY Avatar asked Sep 02 '16 09:09

TatzyXY

People also ask

How do I change a column from read only in MySQL?

Move your mouse over the "Read Only" text to fix the read-only table in MySQL Workbench.

1 Answers

You can set privileges on the column-level (and therefore only grant SELECT and INSERT) to the user that needs to be on read-only :

GRANT SELECT (column), INSERT (column) ON table TO user;

By replacing column, table and user with the appropriate values. GRANT documentation

You also need to be sure not to grant higher levels (table, data or global) privileges otherwise it would override the table-level privilege.

Best,

like image 106
brclz Avatar answered Oct 19 '22 17:10

brclz
Sign in to Comment

Related questions

Mysql group_concat of repeated keys and count of repetition of multiple columns in 1 query ( Query Optimization )
best way to store member of group in mysql table
Flyway clean can't drop H2 tables in lowercase
MySQL ERROR 1064: 'DEFAULT CHARACTER SET utf8'
MySQL query to find number of unique new visitors per week
How to use the dbicdump to only dump specific table
Set custom SSL truststore only for mysql jdbc
How to execute MYSQL query in laravel?
SQL Argument data type int is invalid for argument 1 of charindex function
Update data from MYSQL, PHP to drop down button
MySQL stored procedure returns wrong values
Extract substring with a specific pattern in MySql
How does Django name the index automatically created for foreign keys columns?
Very slow query on mysql table with 35 million rows
MYSQL using AND in group by statement instead of commas
mysql error 'NULL' at line 1
How many queries can be used in a single MySQL or MariaDB transaction
PHP and MySQL - Check if username is already taken
how to make this mysql query fast? I have millions of data inside my table [closed]
Creating Surrogate Key table with other unique constraints

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!