Some mysqld parameters are far from having reasonable defaults. Most notable are the engine-specific values, and in particular the InnoDB parameters. Some of these variables have different defaults as of MySQL 5.4. innodb_buffer_pool_size, for example, is 128M on 5.4. innodb_log_file_size, however, has changed back and forth, as far as I understand, and is down to [...]
MySQL is known for its willingness to accept invalid queries and data values. It can silently commit your transaction or truncate your data. Using GROUP_CONCAT with a small group_concat_max_len setting? Your result will be silently truncated (make sure to check the warnings though). Calling CREATE TEMPORARY TABLE? You get a silent commit. Issuing a ROLLBACK on non-transactional involved [...]
MySQL's security model is not as elaborate as those of other popular databases. It's missing quite a lot. I wish to point out what I think are some very disturbing security holes, which may affect the database integrity. This post is not about Roles, Kerberos, IPs and such. It's about simple MySQL features, which allow common, unprivileged [...]
I thought this deserves more than a comment on my previous post on the subject, in which I expressed the opinion that sql_mode is undesired. Back to reality: sql_mode is here right now. What else can be done? Suggestion: Is there anything to do about sql_mode? I believe so: make it strict by default.
sql_mode must be one of the most elusive issues in setting up a MySQL database. It is also responsible for difficulties in migrating, upgrading and securing databases. MySQL usually has few issues with migrating a database from one machine to another, one version to another, one OS to another, one architecture to another. If we're [...]