I forgot to mention one thing. I chattr'ed the key files in the /srv/etc directory.
My group file looks like:
Code:
root:x:0:root
mysql:x:27:
lighttpd:x:101:
and my passwd file is:
Code:
root:x:0:0:root:/root:/bin/bash
mysql:x:27:27:MySQL Server:/var/lib/mysql:/sbin/nologin
lighttpd:x:100:101:Web Server:/var/www:/sbin/nologin
I have the /srv/var/lib/mysql directory chowned by mysql.
As you noticed, I don't use the default RPMs; I built my own, with custom directories/locations, so it is less predictable for hackers to gain access to key areas.