防止人为误操作MySQL数据库技巧一例(本题来自老男孩培训内部学生问题,属于数据库安全技巧)在若干年前,老男孩亲自遇到一个“命案”,老大登录数据库update一
防止人为误操作MySQL数据库技巧一例
(本题来自老男孩培训内部学生问题,属于数据库安全技巧)
在若干年前,,老男孩亲自遇到一个“命案”,老大登录数据库update一个记录,结果忘了加where,于是悲剧发生了,这使得我对MySQL的增量恢复熟练度远超过其他的知识点,同时也很在意对内的数据库安全,并且每次讲课讲到此处,都会给学生讲这个领导的故事。
1、mysql帮助说明
[oldboy_c64 ~]# mysql --help|grep dummy
-U, --i-am-a-dummy Synonym for option --safe-updates, -U.
i-am-a-dummy
FALSE
在mysql命令加上选项-U后,当发出没有WHERE或LIMIT关键字的UPDATE或DELETE时,mysql程序就会拒绝执行
2、指定-U登录测试
[oldboy_c64 ~]# mysql -uroot -poldboy123 -S /data/3306/mysql.sock -U
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 14
Server version: 5.5.32-log MySQL Community Server (GPL)
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> delete from oldboy.student;
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column
mysql> quit
Bye
提示:不加条件无法删除,目的达到。
3、做成别名防止老大和DBA误操作
[oldboy_c64 ~]# alias mysql='mysql -U'
[oldboy_c64 ~]# mysql -uroot -poldboy123 -S /data/3306/mysql.sock
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 15
Server version: 5.5.32-log MySQL Community Server (GPL)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> delete from oldboy.student;
ERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column
mysql> delete from oldboy.student where Sno=5;
Query OK, 1 row affected (0.02 sec)
mysql> quit
Bye
[oldboy_c64 ~]# echo "alias mysql='mysql -U'" >>/etc/profile
[oldboy_c64 ~]# . /etc/profile
[oldboy_c64 ~]# tail -1 /etc/profile
alias mysql='mysql -U'
结论:
在mysql命令加上选项-U后,当发出没有WHERE或LIMIT关键字的UPDATE或DELETE时,mysql程序拒绝执行
本文出自 “老男孩linux运维” 博客,请务必保留此出处
Statement:The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn