I am trying to build an application with sensitive data stored into a MySQL database, and I am worried by the fact that hijacking the root account is as simple as running 'mysqld --skip-grant-tables' and setting your own password. I would like to know if there is a way to prevent this.
Also, I would like to know if there is any way to have two passwords for the root account, so that two people will need to be authenticated for something to change.
Bookmarks