Security seems to have no boundaries. I've been tightening our database security lately, and it seems like this could go on forever: from app to console to privileges to server, there are so many aspects to managing database security. Unfortunately, this is a field where MySQL is in particular weak, and with very little work done in the many years I've been working with MySQL.
My very own top-wanted security features for MySQL follows. Surely this is but a small subset, your mileage may vary.
By default, MySQL client API is unencrypted and passwords are sent in cleartext. MySQL supports SSL, but it an "all or …[Read more...]