Category Archives: Security

MySQL 8.0: Making User Management DDLs Atomic

With MySQL 8.0, we are bringing in an important change in the way user management DDLs are executed.

Background

User management DDLs cover following user management actions:

  • Creating user/role (CREATE USER [IF NOT EXISTS] / CREATE ROLE [IF NOT EXISTS])
  • Altering user account properties (ALTER USER [IF EXISTS])
  • Dropping user/role from database (DROP USER [IF EXISTS] / DROP ROLE [IF EXISTS])
  • Granting/Revoking privileges to/from a user/role (GRANT/REVOKE)

Each of these administrative action can handle multiple entities as a part of single command.…

Simplified SSL/TLS Setup for MySQL Community

Transport Layer Security (TLS, also often referred to as SSL) is an important component of a secure MySQL deployment, but the complexities of properly generating the necessary key material and configuring the server dissuaded many users from completing this task.  MySQL Server 5.7 simplifies this task for both Enterprise and Community users. …

Track and Optimize Server Connection Methods

The MySQL server supports a variety of client connection methods. To summarize: you have TCP/IP (v4 and v6) on all OSes (with or without TLS/SSL encryption), Unix Domain Sockets on Unix/Linux, and Named Pipes and/or Shared Memory on Windows.

Each of these connection methods has its own set of pros and cons: speed, security, portability, and ease-of-use.…