Do not try this at home.
Just use 'sed' to change data stored inside a running mysql db. And it worked too. Saw the change data come through within a few seconds. Wonder what the internal mysql process did when it realised that data on the filesystem had changed from what it had in cache. Although there is a good chance that no such test exists inside mysql to start with.
Scary thing is, this whole process worked. Which also means, in case you havent caught on yet, is that its possible to change users passwords and change data stored on file off the command line. Not sure why this surprises me, considering myisam tables are just flat files on disk. Still. Something to think about.
Selinux would help here.
- KB
Would file system permissions help? For example, the mysql data could be writable only to a nologin mysql user. 
Ben, yea - you can lock the mysql db store using ACL's. ofcourse, it would help even more if no non-trusted users had access to the local filesystem completely. It just surprised me that it was so trivial switching passwords. 
MyISAM tables have no cache for data, only for indexes. So, not surprising that your changes came through. However, if you changed the size of a field instead of just replacing characters, it seems like you could rapidly corrupt the table. Also, if you were swapping the MDB one with a new, altered version through sed (or perl, etc), you might experience problems related to open file handles in the db and need to flush tables before you would see the updates.
mysql isn't an ACID database, there are no guarantees of anything related to data security this way or the other. Slowly, features for this is creeping into mysql, but it is still a toy database compared to DB2, Informix or other RDBMS. 
"Wonder what the internal mysql process did when it realised that data on the filesystem had changed from what it had in cache."
Okay, I'll try that at office ;) 
Comment feed for this post