OurSQL Episode 59: Security Blankets, Part 1

This week, we talk about MySQL security.

News/Feedback
Collaborate Call for papers is open until Sunday October 14th - http://events.ioug.org/p/cm/ld/fid=15
Collaborate is an Oracle Technology and Applications conference put on by IOUG, OAUG and Quest. It is the largest independent Oracle conference, and we are planning on having a one-day track there. Collaborate is at the Mandalay Bay Convention Center in Las Vegas, Nevada from Sunday April 22nd - Thursday 26th, 2012.

Call for papers for Percona Live: MySQL Conference & Expo 2012 is open! They opened it on Friday, September 15th and the call will close on Monday, December 5th. The MySQL Conference & Expo is Tuesday April 10 - Thursday, October 12, 2012 in Santa Clara, CA.
To submit a paper, first register as a speaker at http://www.percona.com/live/mysql-conference-2012/user/register and then go to My Account -> Submit Proposal.

CouchConf NYC is happening on Monday, October 24th in New York City. CouchConf is a one-day conference focused on Couch NoSQL database technology for web and mobile applications. There will be numerous technology sessions presented by leaders of the Apache CouchDB project and other Couch experts.

MySQL Security

Planet MySQL blog aggregate

The free MySQL database service we referenced from Markus Popp is db4free.net.

Poor man's query profiler: use tcpdump to find MySQL traffic anywhere on the network. mk-query-digest documentation (it is called pt-query-digest now).

Manual page for mysqld_safe wrapper startup script

mysqlbinlog manual page

The bug that SHOW ENGINE INNODB STATUS requires the SUPER privilege has been submitted: bugs.mysql.com/bug.php?id=62625

This post would not be complete without the famous XKCD comic about SQL injection.

mk-show-grants (it has been renamed pt-show-grants) to show all grants on a server.

--skip-name-resolve mysqld option

The following will show you the client-provided user and host (USER() function) and the user and host you are authenticated as (CURRENT_USER() function):
SELECT USER(), CURRENT_USER();

GRANT statement syntax
privileges allowed by GRANT

Securich, a 3rd-party tool by Darren Cassar (MySQL Community member) to manage MySQL roles and users.

Ear Candy
MySQL replication and MySQL bug 58546: In MySQL versions earlier than 5.1.56, 5.5.10, and 5.6.2, STOP SLAVE first stops the I/O thread and then stops the SQL thread. In 5.1.56, 5.5.10 and 5.6.2 STOP SLAVE stops the SQL thread first and then the I/O thread.

Where you can see us
We will both be at Oracle Open World 2011 from Sunday October 2nd through Thursday, October 6th. We will be speaking and staffing the MySQL Community booth. There are links to a PDF and HTML version of MySQL sessions at Oracle OpenWorld at http://bit.ly/oow11mysql

MySQL Community Reception (free, no need to be registered to Oracle OpenWorld) - Tuesday, October 4, 2011 7-9 pm at the San Francisco Marriott Marquis in room Foothill G. RSVP for the *free* MySQL Community Reception.

Sheeri will be at the Boston MySQL User Group on Monday, October 10 at 7:00 PM where Ari Weil, Product Manager of Akiban Technologies will present: "Renormalize - Solving Performance Problems in MySQL Without Denormalization".

Sarah will be at LinuxCon EU from Wednesday, October 26 until Friday, October 28, 2011 at the Clarion Congress Hotel in Prague, Czech Republic, speaking about speaking with a presentation called "IRL: How Geeks Undermine Their Presentations & Conversations With Body Language".

Ari Weil of Akiban joins Sarah at the November Seattle MySQL User Group ( http://www.meetup.com/seattlemysql/ ) on Mon Nov 7th from 7 - 9 pm.

Boston MySQL User Group on Monday, November 14th at 7:00 PM where Mike Frank of Gazzang will present "MySQL Encryption".

Feedback
Facebook group
e-mail: podcast at technocation.org
voicemail using phone/Skype: +1-617-674-2369
twitter: @oursqlcast
or Tweet about @oursqlcast