It was a very long time since I wrote something in this blob, but I have been very busy this spring with MariaDB on Power. This has been a lot of work, but also a lot of fun. So, what is this MariaDB on Power thing all about, well I wrote an introduction to the Power platform late last year. Since then a lot of things has happened.
Setting up data security correctly can be vital for systems at government agencies, e-commerce sites, hospitals and clinics, or any company with sensitive employee data. In this blog, Geoff shows you how to set up row-level security in MariaDB for use cases demanding more detailed privilege handling than MariaDB and MySQL provide out of the box.
Last week, an SSL connection security vulnerability was reported for MySQL and MariaDB. The vulnerability states that since MariaDB and MySQL do not enforce SSL when SSL support is enabled, it is possible to launch Man In The Middle (MITM) attacks. MITM attacks can capture the secure connection and turn it into an unsecure connection, revealing data going back and forth to the server.
The MariaDB Audit Plugin, included in MariaDB Server by default since version 5.5.37 and 10.0.9 and now also pre-loaded in MariaDB Enterprise Versions, includes new filtering options starting with version 1.2.0.
This weekend Team MariaDB attended the 15th annual LinuxFest Northwest. This event has been growing every year, but this year it crossed over to become a HUGE event. There were over 1800 attendees this year, and we had the chance to talk to many of them at our booth and in our talks.
User accounts in MariaDB have traditionally been completely separate from operating system accounts. However, MariaDB has included a PAM authentication plugin since version 5.2.10. With this plugin, DBAs can configure MariaDB user accounts to authenticate via PAM, allowing users to use their Linux username and password to log into the MariaDB server.
When you want to connect a client to a database server through an insecure network, there are two main choices: use SSL or use an SSH tunnel. Although SSL often may seem to be the best option, SSH tunnels are in fact easier to implement and can be very effective. Traffic through an SSH tunnel is encrypted with all of the security of the SSH protocol, which has a strong track record against attacks.
So I am now back in my office in Vancouver, BC after an amazing week in Santa Clara for the Percona Live MySQL Conference and Expo. I though that I would take a break from trying to catch up with my email and write down some quick thoughts about this great event.
Recently, I asked Colt Engine to help us with the MaxScale Beta Testing process. They agreed to do this, but they had to find the best way to test a new environment, with MaxScale on top and with as little impact as possible on their datacenter. The traditional approach would be to create as many virtual machines as needed and configure them for the designed test environment. This is a valid approach, but it requires some time to setup and the unnecessary use of resources. Instead, they decided to use an “Application Container”; they decided to use Docker.