Quick quiz: when can this happen? When can revoking a privilege from a user “grant” them another privilege?

I try to select from a table, and am denied.

(bentest@db3) [test]> select * from gbidsuggestion_0616 limit 1;
ERROR 1142 (42000): SELECT command denied to user ‘bentest’@'db4.adapt.com’ for table ‘gbidsuggestion_0616′

As super, I connect and revoke a different permission for user ‘bentest@db4.adapt.com’

(root@localhost) [test]> revoke insert on test.* from bentest@’db4.adapt.com’;
Query OK, 0 rows affected (0.00 sec)

Now I log back in as the original user, and I can do the select.

(bentest@db3) [test]> select * from gbidsuggestion_0616 limit 1;
+————————–+…+———+
| gbidsuggestionid |… | active |
+————————–+…+———+
| 1 |… | 0 |
…

In continuing with my personal exploration in BLOBs, I thought I would change gears a bit. Previously I had focused on benchmarking the MyBS engine being designed by Paul McCullagh (the results of which you can find here, here, and here). But this time around I thought I would try something a bit more direct.

I have been playing around storing photos as BLOBs in the database for my photo album application (in preparation for testing how the MyBS engine scales as opposed to storing images on the filesystem). So since I had all that data there already, I thought it might be fun to try and grab the BLOBs directly from the database using a a SELECT...INTO DUMPFILE... I whipped up a quick bash script which first runs an ALTER TABLE ... ENGINE=XYZ and …

On Monday August 20th, 2007, the Google Summer of Code officially ended. I have had a great time this summer, although it has not always been sunshine and flowers! Because of the nature of the Summer of Code, setbacks due to lack of knowledge were not a problem. It’s expected that the students don’t know everything!

So mostly the setbacks were organizational. I had 2 students working on MySQL Auditing Software, which I have tentatively (and very geekily) called OughtToAudit. One student was working on the administrative interface, where access to the auditing program and the auditing rules themselves are defined. As well, reporting on suspicious activity as well as the rule-breaking activity could be seen. The other student was working on a pcap (libpcap, winpcap) engine to store all database traffic. Why pcap? One of the main tenets of auditing is that the auditing system is independent of the system to be audited. Part of this is for …

I've just released changes to all tools in MySQL Toolkit. The biggest changes are in MySQL Table Sync, which I'm beginning to give sane defaults and options to. Some of the changes are incompatible (but that's what you get with MySQL Table Sync, which is still very rough). I also found and fixed some bugs with MySQL Visual Explain. Thanks to everyone who submitted bug reports.

Note, the formatting overflow in MySQL Query Profiler was not a security vulnerability. It was simply an issue with a Perl formatting code that displayed numbers as hash marks when they got big enough.

There’s an interesting dynamic going on right now in the DBA world. MySQL’s growth and installed base, as a function of its size three or five years ago, is perhaps five if not ten times larger than it was. In 2002 when Pythian’s MySQL services launched, we took on the platform at the explicit request [...]

In one of the last commits I added a SQL Tokenizer which understands the basic tokens of (My)SQL:

• Strings
• Literals
• Numbers
• Comments
• Operators

With this basic understanding we can normalize Queries and build statistics over similar queries.

The idea is simple and already implemented in mysqldumpslow:

  /* login.php:37 */SELECT * FROM tbl WHERE id = 1243 AND name = "jan"

is turned into

  SELECT * FROM `tbl` WHERE `id` = ? AND `name` = ?

The queries look like prepared statements now and can be used the characterize queries of the same kind.

• comments are removed
• whitespaces are stripped
• literals are quoted
• constants are replaced with ?

Taking the famous world-db and executing some simple queries like:

MySQL Connector/Net 1.0.10.1 a new version of the all-managed .NET driver for MySQL has been released.  This is a bug fix release for the current production branch of Connector/Net.  Version 1.0.10.1 is suitable for use with any MySQL version including MySQL-4.1, MySQL-5.0, MySQL-5.1 beta or the MySQL-6.0 Falcon "Preview".
It is now available in source and binary form from the Connector/Net download pages at http://dev.mysql.com/downloads/connector/net/1.0.html and mirror sites (note that not all mirror sites may be up to date at this point of time - if you can't find this version on some mirror, please try again later or choose another download site.)

You can find the release announcement in our forums with a complete change log here.

I'm attending the Google Test Automation Conference (GTAC 2007) in Manhattan, New York right now. It's a two-day single-track event hosted by Google, with mostly non-Google speakers. It's okay, but not great.

As explained in an earlier blog post, we recently started using MySQL master-slave replication on drupal.org in order to provide the scalability necessary to accommodate our growing demands. With one or more replicas of our database, we can instruct Drupal to distribute or load balance the SQL workload among different database servers.

MySQL's master-slave replication is an asynchronous replication model. Typically, all the mutator queries (like INSERT, UPDATE, DELETE) go to a single master, and the master propagates all updates to the slave servers without synchronization or communication. While the asynchronous nature has its advantages, it is also means that the slaves might be (slightly) out of sync.

Consider the following …

As explained in an earlier blog post, we recently started using MySQL master-slave replication on drupal.org in order to provide the scalability necessary to accommodate our growing demands. With one or more replicas of our database, we can instruct Drupal to distribute or load balance the SQL workload among different database servers.

MySQL's master-slave replication is an asynchronous replication model. Typically, all the mutator queries (like INSERT, UPDATE, DELETE) go to a single master, and the master propagates all updates to the slave servers without synchronization or communication. While the asynchronous nature has its advantages, it is also means that the slaves might be (slightly) out of sync.

Consider the following …