No issue Girvin. Discussion is good. It's worth noting that mysqldump is there to be run on a cron. Unless you use something like Percona or pay the $5k for Enterprise, mysqldump is what is being used by sysadmins everywhere considering there's really not much else unless you go the route of snapshots and doing master-slave. Which is what I've done in the past for larger databases, but I just assumed this was a smaller more personal database server. There's no security issue with mysqldump itself. Of course, anything can be used stupidly and insecurely, that doesn't mean the product was insecure though.
I think my question to you would be why you specifically think putting mysqldump in a cron is insecure? ------ *Sajan Parikh* Web Consultant Noppix LLC *w: *563.726.0371 *m: *563.447.0822 *f: *563.726.0122 *e: * sa...@noppix.com On Thu, May 30, 2013 at 1:04 PM, Tom Davies <tomdavie...@yahoo.co.uk> wrote: > Hi :) > I think for a lot of us on the list that have been lurking around this > topic the security issue has been interesting. I think this discussion and > the different approaches to dealing with the issue may well help some of us > in the future. many thanks to all that have posted in this thread. Some > valuable insights there! :) > Thanks and regards from > Tom :) > > > > > > >________________________________ > > From: Girvin R. Herr <girvin.h...@sbcglobal.net> > >To: Sajan Parikh <sa...@noppix.com> > >Cc: Steve Edmonds <steve.edmo...@ptglobal.com>; Wolfgang Keller < > felip...@gmx.net>; "users@global.libreoffice.org" < > users@global.libreoffice.org> > >Sent: Thursday, 30 May 2013, 18:47 > >Subject: Re: [libreoffice-users] LO Base/MySQL Backup?? > > > > > >Sajan & Steve, > >Thanks. I will have to look at this as an alternate possibility. > >I didn't mean to criticize, but I take computer security seriously and > >when I see a vulnerability, I tend to bring it to the person's > >attention. There are far too many people out there who take computer > >security nonchalantly and can be bitten. > >Girvin > > > > > >Sajan Parikh wrote: > >> I don't see the security issue in mysqldump using a cron. You can throw > >> your password in a mysqldump.cnf file and make it only readable by your > >> user. You can combine that with what Steve said and use a special MySQL > >> user as well. > >> > >> ------ > >> *Sajan Parikh* > >> *Web Consultant, Noppix LLC* > >> > >> *Work* - 563.726.0371 > >> *Cell *- 563.447.0822 > >> *Fax* - 563.726.0122 > >> *Email *- sa...@noppix.com > >> > >> > >> > >> > >> On Tue, May 28, 2013 at 4:06 PM, Steve Edmonds > >> <steve.edmo...@ptglobal.com>wrote: > >> > >> > >>> Hi Girvin. > >>> For security I created a mysql user 'backup' with read only access for > >>> backup. > >>> I make the cron script readable by root only > >>> > >>> -rwxr-x--- 1 root root 586 2012-12-05 16:19 > /etc/cron.backup/dailytmp.bu > >>> > >>> MYSQL_PWD="*******" mysqldump -ubackup --all-databases > --add-drop-database > >>> | gzip -9 > /home/bu/mysql.sql.gz > >>> > >>> Steve > >>> > >>> > >>> On 2013-05-29 06:57, Girvin R. Herr wrote: > >>> > >>> > >>>> Sajan, > >>>> The only problem I see with a cron job is a security issue. I assume > you > >>>> are putting your MySQL password(s) in your cron job script, since > mysqldump > >>>> requires it. I would not recommend doing that. I have a system > backup > >>>> script which I manually run monthly. It does not include the > passwords. > >>>> When that script runs, mysqldump prompts me for the password, I > enter it, > >>>> and off it goes. > >>>> > >>>> I might add that I have been using mysqldump for several years and I > have > >>>> not had any problems with it or with retrieving the database data > from its > >>>> backup files. I need to retrieve the backup when I upgrade MySQL, in > order > >>>> to restore my databases in the new version. It works fine, even when > I > >>>> upgraded from MySQL 5.0.67 to 5.5.29. > >>>> Girvin Herr > >>>> > >>>> > >>>> > >>>> Sajan Parikh wrote: > >>>> > >>>> > >>>>> Someone mentioned mysqldump, this is definitely the way to go. Set > it up > >>>>> on a cron and have it dump files to a backup directory. > >>>>> > >>>>> ------ > >>>>> *Sajan Parikh* > >>>>> *Web Consultant, Noppix LLC* > >>>>> > >>>>> *Work* - 563.726.0371 > >>>>> *Cell *- 563.447.0822 > >>>>> *Fax* - 563.726.0122 > >>>>> *Email *- sa...@noppix.com > >>>>> > >>>>> > >>>>> > >>>>> > >>>>> On Tue, May 28, 2013 at 11:08 AM, Wolfgang Keller <felip...@gmx.net> > >>>>> wrote: > >>>>> > >>>>> My question now is - Where does MySQL store the Database and how do > I > >>>>> > >>>>>>> track it down to make a backup?? > >>>>>>> > >>>>>>> > >>>>>> You'll have to use the MySQL administration tool for that. LO only > sees > >>>>>> a server running at an IP address listening to a specific port. It > has > >>>>>> no means to know where the data is. > >>>>>> > >>>>>> And I still recommend PostgreSQL over MySQL. ;-) > >>>>>> > >>>>>> Among others, it allows backing up a database while "live". > >>>>>> > >>>>>> Sincerely, > >>>>>> > >>>>>> Wolfgang > >>>>>> > >>>>>> -- > >>>>>> To unsubscribe e-mail to: users+unsubscribe@global.** > libreoffice.org<users%2bunsubscr...@global.libreoffice.org> > >>>>>> Problems? > >>>>>> http://www.libreoffice.org/**get-help/mailing-lists/how-to-** > >>>>>> unsubscribe/< > http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/> > >>>>>> Posting guidelines + more: http://wiki.**documentfoundation.org/** > >>>>>> Netiquette <http://wiki.documentfoundation.org/Netiquette> > >>>>>> List archive: http://listarchives.**libreoffice.org/global/users/< > http://listarchives.libreoffice.org/global/users/> > >>>>>> All messages sent to this list will be publicly archived and cannot > be > >>>>>> deleted > >>>>>> > >>>>>> > >>>>>> > >>>>>> > >> > >> > > > >-- > >To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org > >Problems? > http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ > >Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette > >List archive: http://listarchives.libreoffice.org/global/users/ > >All messages sent to this list will be publicly archived and cannot be > deleted > > > > > > > -- > To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org > Problems? > http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ > Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette > List archive: http://listarchives.libreoffice.org/global/users/ > All messages sent to this list will be publicly archived and cannot be > deleted > > -- To unsubscribe e-mail to: users+unsubscr...@global.libreoffice.org Problems? http://www.libreoffice.org/get-help/mailing-lists/how-to-unsubscribe/ Posting guidelines + more: http://wiki.documentfoundation.org/Netiquette List archive: http://listarchives.libreoffice.org/global/users/ All messages sent to this list will be publicly archived and cannot be deleted
