Jump to content
The Uniform Server Community

Coral 8.0.0 libmysql.dll location


Yoni
 Share

Recommended Posts

Hi,

 

I have written a guide to secure the Uniform Server and lock it down at the NTFS level for a production environment. In the process I noticed that apache loads libmysql.dll library from X:\Uniserver\usr\local\mysql\bin instead of loading it from X:\Uniserver\usr\local\php as I've seen from previous versions. In my attempt to lock down my Uniserver I denied apache's access (NTFS permissions) to X:\Uniserver\usr\local\mysql folder. I copied libmysql.dll to my PHP folder and edited apache's httpd.conf to load the libmysql.dll from the new location (X:\Uniserver\usr\local\php)

 

Is it there any specific reason why UniServer Coral 8.0.0 is delivering the libmysql.dll in the mysql folder instead of any other location? I really want to understand the propose of it because in my opinion it only prevented me from locking out my apache service from accessing the mysql folder to load this dll, momentarily.

 

By the way, the guide to strength the UniServer security can be found at http://geeks.gotdns.com/archives/uniform-s...rvices-security

 

Maybe someone wants to add a link to it in the wiki.

 

Your suggestions and improvements are always welcome.

<p class="bbc_center"><span style="font-size:12px;"><strong>Yoni</strong></span></p>

Link to comment
Share on other sites

This is actually a question for Ric (who is away for the moment).

 

I would guess that libmysql was put where it is so that it facilitated the MySQL version updates. When a MySQL update occurs, most all the changes happen only in the MySQL folder,and often are limited to just the bin subfolder at that.

 

However, your security argument tops that reasoning, as long as we can be sure it doesn't get forgotten during an update cycle. Mismatched dlls are a real nightmare to resolve.

 

Regards,

BobS

Link to comment
Share on other sites

Bob, nevermind. I reused the original location. Apache needs to have read access to the mysql folder anyways otherwise phpMyAdmin doesn't load. I don't use PHP my admin myself but the guide should be focused more on users than in my personal preferences. Read permissions is still secure enough. No files can be modified by the apache service inside the mysql folder.

<p class="bbc_center"><span style="font-size:12px;"><strong>Yoni</strong></span></p>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
 Share

×
×
  • Create New...