Note it should be a huge security improvement to only allow "create,insert,update,select" privileges only to those who are security conscious. The mysql grant FILE and All Privileges allow way too much power to the sguil daemon. If any agents or sguil daemon were compromised, then the would-be hacker would have full access to the all databases on the system and possibly control over all the agents and sguil daemon. A jail could be created, but isn't better to use SQL's built-in grant tables ?
if I understand it correctly, the grant FILE permission is used for speed of data entry. I think it would benefit users to have an option to use only the four privileges above instead of SQL routine 'load_data_infile.'
A separate cron job could be run for maintenance that should fulfill any delete, indexing or other processing requirements.
Log in to post a comment.