MYSQL restrict user access to information_schema

Question

I have a MySQL server (Server version: 5.1.68-community; MySQL client version: 5.0.51a). Is there any way to restrict ALL access to information_schema for all users?

Wh

Answer 1

The INFORMATION_SCHEMA is a virtual database that holds meta-information about all databases accessible to current user. I.e. it's build dynamically according to user's permissions. It isn't real database. You should not try to change permissions to it in any case - it's updated dynamically according to server's state.

So your question has little sense. If someone will compromise some of users and get system control with it's permissions, he will be able to access to INFORMATION_SCHEMA for that user by definition (as that user can access any thing which is allowed by it's permissions - INFORMATION_SCHEMA is "a projection" of user's permissions).

Answer 2

One cannot prevent access to the information_schema (yet), but in the case of sql-injections through GET Request, it is easy to do a:

RewriteCond %{REQUEST_FILENAME}   !handle_error\.php
RewriteCond %{QUERY_STRING}   information_schema
RewriteRule  ^(.*?)          /handle_error.php [R=301,L]

in your .htaccess and this should save one some headache.