MySQL’s security model is not as elaborate as those of other popular databases. It’s missing quite a lot.
I wish to point out what I think are some very disturbing security holes, which may affect the database integrity.
This post is not about Roles, Kerberos, IPs and such. It’s about simple MySQL features, which allow common, unprivileged users to [...]
I thought this deserves more than a comment on my previous post on the subject, in which I expressed the opinion that sql_mode is undesired.
Back to reality: sql_mode is here right now. What else can be done?
Suggestion
Is there anything to do about sql_mode? I believe so: make it strict by default.
sql_mode must be one of the most elusive issues in setting up a MySQL database. It is also responsible for difficulties in migration, upgrading and securing of databases.
MySQL usually has few issues with migrating a database from one machine to another, one version to another, one OS to another, one architecture to another. If we’re not [...]