Showing entries 1 to 10 of 37123
10 Older Entries »
Security Vulnerability CVE-2016-6664 / CVE-2016-5617

Security Vulnerability CVE-2016-6664 / CVE-2016-5617 rasmusjohansson Wed, 01/18/2017 - 13:23

During the fall there were a couple of vulnerabilities found that could be used for privilege escalations in conjunction with race conditions. These were:

  • CVE-2016-6662 MySQL Remote Root Code Execution / Privilege Escalation 0day

  • CVE-2016-6663 Privilege Escalation / Race Condition (also referred to as CVE-2016-5616)

  • CVE-2016-6664 Root Privilege Escalation (also referred to as CVE-2016-5617)

I’ve published two blog posts about these vulnerabilities before:

[Read more]
Python and the MySQL Document Store

The MySQL Document Store and X Devapi have a lot of very interesting features but right now my programming language of choice, PHP, is not yet supported. My Python is rusty and learning Node.JS is progressing. But the ability to search data from a database without knowing Structured Query Language (SQL) is going to appeal to many. Example One

import mysqlx
import string

session = mysqlx.get_session({
'host': 'localhost',
'port': 33060,
'user': 'dstokes',
'password': 'Hell0Dave!'})

schema = session.get_schema('world_x');
collection = schema.get_collection('countryinfo')

print "Find three records***\n"
result = collection.find().limit(3).execute()
docs = result.fetch_all()

for i, data in enumerate(docs):
print "{iteration}: {data}".format(iteration = i, data=data)

print "Find USA***\n"
result = collection.find('_id = "USA"').execute()
row = …
[Read more]
Why I wrote "please do not ignore warnings" and "to always investigating/fixing warnings" (in MySQL/MariaDB)

In a last post, I wrote the two following sentences:

please do not ignore warnings always investigate/fix warnings

I realized that without context, this might be hard to understand.  In this post, I want to give more background about these two sentences.

In my work, I have seen problems solved (wrongly) by ignoring warnings.  Some example that comes to my mind:

upgrading to a new MySQL

Taking Full Advantage of Galera Multi-Master Replication-Galera Cluster Resources Updated

Last year Codership produced a lot of valuable content to help Galera users to get started with Galera and manage Galera. We have gathered  the resources to our website.

Taking Full Advantage of Galera Multi-Master replication video can be watched here.

We have now uploaded Slideshare with many new presentations. Check them out!

The best source of multi-master Galera Cluster help,  Galera Cluster documentation, is being updated constantly.

MySQL Day – Sessions review #6

Let’s continue the review of the pre-FOSDEM MySQL Day‘s schedule. Today’s session is the one of Sveta Smirnova: What you wanted to know about your MySQL Server instance, but could not find using internal instrumentation only

Sveta Smirnova works as MySQL Support engineer since year 2006, she is also author of book “MySQL Troubleshooting” and author of JSON UDF functions for MySQL. In years 2006 – 2015 she worked in Bugs Analysis MySQL Support Group in MySQL AB, then Sun, then Oracle. In March 2015 Sveta joined Support Team in Percona. In years 2012-2015 she worked on bugs priority. She was also Support representative in MySQL Backup Development Team. She …

[Read more]
How to implement secondary indexes

This post is about implementing secondary indexes on top of an ordered key-value store. This topic is interesting for at least two reasons. First, you may actually need to do this if you’re implementing secondary indexes on top of something like LevelDB, RocksDB, Bolt, or some other key-value storage library. Second, seeing how this is done from an implementation perspective can help you understand how databases like MySQL and PostgreSQL handle secondary indexes.

Suppose we have a table implemented on top of a key-value store. Specifically, assume that the key-value store has unique, ordered keys.

Here’s the row definition:

Row := (id, username, email, deleted timestamp, name)

There are five columns. We’ll let id be the primary key. There’s a deleted column to allow usernames to be reused. More on that later.

Here’s what the table would look like when …

[Read more]
Insert benchmark, MyRocks and InnoDB

I haven't been sharing many performance results on my blog as I have been saving results for my conference talks. Later this year I expect to blog more and travel less. Today I will share two results from the insert benchmark to compare MyRocks and InnoDB.

tl;dr - both are expected

  • MyRocks insert performance doesn't degrade when the database is larger than memory
  • InnoDB in MySQL 5.7 scales much better than in MySQL 5.6 for in-memory workloads
  • InnoDB in MySQL 5.7 wins for in-memory, MyRocks wins for io-bound


Configuration

This test does inserts in PK order into a table with 3 secondary indexes. Without the secondary indexes the workload is friendly to a b-tree. But secondary index for a b-tree is read-modify-write and the reads from and writes to storage will make InnoDB slower when the working set doesn't fit into RAM. InnoDB is likely to …

[Read more]
Webinar Wednesday January 18, 2017: Lessons from Database Failures

Join Percona’s Chief Evangelist Colin Charles on Wednesday, January 18, 2017, at 7:00 am (PST) / 10:00 am (EST) (UTC-8) as he presents “Lessons from Database Failures.”

MySQL failures at scale can teach a great deal. MySQL failures can lead to a discussion about such topics as high availability (HA), geographical redundancy and automatic failover. In this webinar, Colin will present case study material (how automatic failover caused Github to go offline, why Facebook uses assisted failover rather than fully automated failover, and other scenarios) to look at how the MySQL world is making things better. One way, for example, is using …

[Read more]
MySQL Day – Sessions review #5

On February 3rd, just before Fosdem and the MySQL & Friends Devroom, MySQL’s Community Team is organizing the pre-Fosdem MySQL Day.

Today we will review Dag H. Wanvik‘s session. Dag is spending most of his time implementing Windows Functions to MySQL.

Dag H. Wanvik is a senior MySQL developer for Oracle. Before he did Derby/Java DB development for Oracle/Apache Foundation and he is a Derby committer. He last co-authored JSON support for MySQL 5.7. In his previous existence Dag worked on several compilers and HA distributed data base systems.

The title of his session is MySQL 8.0: Window functions – finally!

Dag will share is current work on …

[Read more]
How to replace the TABLE identifier generator with either SEQUENCE or IDENTITY in a portable way

Introduction As previously explained, the TABLE identifier generator does not scale, so you should avoid id. However, some enterprise applications might need to run on both MySQL (which does not support database sequences), as well as Oracle, PostgreSQL and SQL Server 2012. This is article is going to explain how easily you can achieve this … Continue reading How to replace the TABLE identifier generator with either SEQUENCE or IDENTITY in a portable way →

Showing entries 1 to 10 of 37123
10 Older Entries »