MySQL Best Practice


Limit root (and any other SUPER-privileged user) to

GRANT ... TO root@localhost ...

That prevents access from other servers. You should hand out SUPER to very few people, and they should be aware of their responsibility. The application should not have SUPER.

Limit application logins to the one database it uses:

GRANT ... ON dbname.* ...

That way, someone who hacks into the application code can't get past dbname. This can be further refined via either of these:

GRANT SELECT ON dname.* ...    -- "read only"
GRANT ... ON dname.tblname ... -- "just one table"

The readonly may also need 'safe' things like

GRANT SELECT, CREATE TEMPORARY TABLE ON dname.* ...    -- "read only"

As you say, there is no absolute security. My point here is there you can do a few things to slow hackers down. (Same goes for honest people goofing.)

In rare cases, you may need the application to do something available only to root. this can be done via a "Stored Procedure" that has SECURITY DEFINER (and root defines it). That will expose only what the SP does, which might, for example, be one particular action on one particular table.