With the next version of MySQL that is MySQL 8, there is a very
nice feature of creating "roles" which can be assigned
certain privileges and then these roles can be assigned to users,
thus helping us in maintaining the principle of least
privilege.
It makes our life as developers and DBAs easier as we do not have
to remember what are the specific privileges assigned to
different users. These "roles" can simply be assigned or
de-assigned from users as necessary.
The setup process is pretty easy and intuitive.
1. Create Role:
CREATE ROLE 'read', 'write', 'read_write';
Which essentially …
Showing entries 1 to 5
Sep
19
2017
May
21
2010
It is critical that you do not use the default MySQL installation security, it’s simply insecure.
Default Installation
When installed, MySQL enables any user with physical permissions to the server to connect to the MySQL via unauthenticated users. MySQL also provides complete access to all super user privileges via the ‘root’ user with no default password.
$ mysql -uroot mysql> SELECT host,user,password FROM mysql.user; +--------------+------+-------------------------------------------+ | host | user | password | +--------------+------+-------------------------------------------+ | localhost | root | | | server.local | root | | | 127.0.0.1 | root | | | localhost | | | | server.local | | …[Read more]
Feb
23
2010
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
Feb
23
2010
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
Feb
23
2010
This Thursday (February 25th, 13:00 UTC - way
earlier than usual!), Darren Cassar will present Securich - Security Plugin for MySQL.
According to Darren, the author of the plugin, Securich is an
incredibly handy and versatile tool for managing user privileges
on MySQL through the use of roles. It basically makes granting
and revoking rights a piece of cake, not to mention added
security it provides through password expiry and password
history, the customization level it permits, the fact that it
runs on any MySQL 5.0 or later and it's easily deployable on any
official MySQL binary, platform independent.
More information here: http://www.securich.com/about.html.
For MySQL University sessions, point your …
[Read more]
Showing entries 1 to 5