Around these days last year I presented `securich` for the first time. It was at froscon 2009, barely knowing anybody, spending my 27th birthday in a hostel in Germany fixing some bugs before the actual presentation on a 10 inch netbook (my mac had some problems at the time but thats another story :)). I got a beating, verbally of course! Many of the people listening to the presentation were expecting something else since another presentation was supposed to be running at that time, some even started dozing off (encouraging? not really hehe) but after a few minutes people started getting interested and asking all kind of questions. “This awesome” I thought to myself, “questions are good, it means people are understanding and want to know more”, but the more they learnt the more they realised how young securich was as a tool, lacking fundamental features like …
[Read more]
This Thursday (June 10th, 14:00 UTC), Darren
Cassar will rerun his February 25 presentation of Securich - Security Plugin for MySQL.
(Recording of the session failed in February; hopefully it will
succeed this time.) According to Darren, the author of the
plugin, Securich is an incredibly handy and versatile tool for
managing user privileges on MySQL through the use of roles. It
basically makes granting and revoking rights a piece of cake, not
to mention added security it provides through password expiry and
password history, the customization level it permits, the fact
that it runs on any MySQL 5.0 or later and it's easily deployable
on any official MySQL binary, platform independent.
More information here: …
This Thursday (June 10th, 14:00 UTC), Darren
Cassar will rerun his February 25 presentation of Securich - Security Plugin for MySQL.
(Recording of the session failed in February; hopefully it will
succeed this time.) According to Darren, the author of the
plugin, Securich is an incredibly handy and versatile tool for
managing user privileges on MySQL through the use of roles. It
basically makes granting and revoking rights a piece of cake, not
to mention added security it provides through password expiry and
password history, the customization level it permits, the fact
that it runs on any MySQL 5.0 or later and it's easily deployable
on any official MySQL binary, platform independent.
More information here: …
This Thursday (June 10th, 14:00 UTC), Darren
Cassar will rerun his February 25 presentation of Securich - Security Plugin for MySQL.
(Recording of the session failed in February; hopefully it will
succeed this time.) According to Darren, the author of the
plugin, Securich is an incredibly handy and versatile tool for
managing user privileges on MySQL through the use of roles. It
basically makes granting and revoking rights a piece of cake, not
to mention added security it provides through password expiry and
password history, the customization level it permits, the fact
that it runs on any MySQL 5.0 or later and it's easily deployable
on any official MySQL binary, platform independent.
More information here: …
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]I got to meet, and share a meal with a most interesting Darren Cassar at FRoSCon/OpenSQLCamp, who’s the mastermind behind SecuRich. Some sparse notes, while we await his slides. I think there’s some great potential here, and SecuRich is exciting and should be given some more love.
Designed to work with Sybase and MySQL in mind (because he’s hacking on migrating Sybase to MySQL).
How often do we audit user privileges and access levels? How often do we forget temporary elevated privileges?
What you have in MySQL today: Authentication against ‘username’@'hostname’, and the password is hashed by PASSWORD() function. There is wide range of privileges, and the granting of privileges is controlled.
What are limitations in MySQL today: Password limits are not available (password size …
[Read more]
Just a small
note to advise that Securich reached 0.1.4.
Some new tools include:
* Added Password complexity
* Enhanced `set_password` – Old password is now necessary to
replace it by a new one
* Enhanced Revoke privileges to accept regexp
* Added Block user@hostname on a database level
* Added Creation of reserved usernames
* Added Help stored procedure displays help for each stored
proc
* Enhanced `create_update_role` to include the removal of
privilages from roles
* Enhanced `grant_priveleges` on `alltables` for a database
without tables would terminate with an error instead of
gracefully (now fixed)
* Added Restore user@hostname on a database level
* Removed ’show warnings’ from sql installation
The database design using workbench is also available in the db folder (for easier understanding of what lies …
[Read more]Lately there has been quite some talk about security on MySQL, and I've decided to GPL a package I wrote, implmenting Roles on MySQL. This technology has been available on other databases for quite some time, but hasn't quite yet made it to MySQL's feature list and apart from this tool, the only solution I know of is google's patches for MySQL 5.0.