Category: Security

Security

MySQL Security – Password Validation Plugin

When thinking about security within a MySQL installation, you should consider a wide range of possible procedures / best practices and how they affect the security of your MySQL server and related applications. MySQL provides many tools / features / plugins in order to protect your data including some advanced features like Transparent Data Encryption …

Security

How to Achieve GDPR Compliance: Documenting Our Experience (I)

Introduction: The GDPR is a new regulation for the processing of personal data of data subjects residing in the European Union (EU). Essentially, it is meant to protect the rights of those in EU countries with regard to the fair and lawful processing of their personal information. It will take effect on May …

Security

MySQL vs MariaDB vs Percona Server: Security Features Comparison

  Security of data is critical for any organisation. It’s an important aspect that can heavily influence the design of the database environment. When deciding upon which MySQL flavour to use, you need to take into consideration the security features available from the different server vendors. In this blog post, we’ll come up with a …

Security

Ransomware Attacks Against MySQL and How to Avoid Them

One of the biggest news stories of 2017 on the MySQL front was unfortunately not a good one.  In February, hundreds of MySQL databases were erased and replaced with a ransom demand for 0.2 bitcoin, or about $234 US dollars at the time.  At least it wasn’t as bad as the previous month, when tens …

Security

MySQL 8.0.4 RC: auth_socket Users Beware!

  The news that the latest MySQL 8.0.4 RC (release candidate) is available is indeed exciting. Unfortunately for users of the auth_socket plugin, dangers lie in wait! Back in November 2015, I reported Failure of auth_socket authentication with sha256_password as default. This prevents users that identify with the auth_socket plugin from logging in after SHA256 authentication has …

Clustering, Security

How to Secure Galera Cluster – 8 Tips

  As a distributed database system, Galera Cluster requires additional security measures as compared to a centralized database. Data is distributed across multiple servers or even datacenters perhaps. With significant data communication happening across nodes, there can be significant exposure if the appropriate security measures are not taken. In this blog post, we are going …

Security

MySQL and MariaDB authentication against pam_unix

The PAM authentication plug-in is an extension included in MySQL Enterprise Edition (since 5.5) and in MariaDB (since 5.2). MySQL authentication against pam_unix Check if plug-in is available: # ll lib/plugin/auth*so -rwxr-xr-x 1 mysql mysql 42937 Sep 18 2015 lib/plugin/authentication_pam.so -rwxr-xr-x 1 mysql mysql 25643 Sep 18 2015 lib/plugin/auth.so -rwxr-xr-x 1 mysql mysql 12388 Sep …

Miscellaneous, Performance, Security

Does the Meltdown Fix Affect Performance for MySQL on Bare Metal?

In this blog post, we’ll look at whether the Meltdown fix affects performance for MySQL on bare metal servers. Since the news about the Meltdown bug, there have been a lot of reports on the performance hit from proposed fixes. We have looked at how the fix affects MySQL (Percona Server for MySQL) under a sysbench workload. …

Security

New Video – Ten Tips to Secure MySQL & MariaDB

This video, based on last week’s blog “Ten Tips to Achieve MySQL and MariaDB Security”, walks you through ten different items to keep in mind when deploying a MySQL or MariaDB database to production. Database security is an essential part of any system. With more and more news reports of widespread data breaches coming …