Diagnosing problems with SQL imports

Importing a text file containing a list of SQL commands into MySQL is a straightforward task. All you need to do is simply feed the file contents through pipe into MySQL command line client. For example: mysql app_production < dump.sql. The reasons for doing such imports can be very different - restoring MySQL backups created with mysqldump, manually replaying binary log events or performing database migrations during software roll-outs. While the task is simple, the import may not end successfully and when this happens, how to tell what the problem was? … [Read more...]

Granting privileges may break replication in MySQL 5.6.10

MySQL lets database administrators define access rights on many levels – from the ability to run global commands down to access to individual columns. Some rights can be applied to many different objects, such as for example SELECT or UPDATE, which can be granted globally or restricted only to certain databases or tables, while others are only meant for one specific purpose. An example of the latter could be FILE privilege, which permits user to interact with the file system from inside a database instance. It only makes sense as the global right and not anywhere else. … [Read more...]

MySQL Security: Overview of MySQL security features

In a world driven by computers, most companies rely on systems that are entirely built around databases. Losing data, or even as little as losing the full control over it, could bring any business down. Frequently databases hold sensitive information such as personal details, transaction statements, credit card data – among many other things. This is also why running certain types of databases is regulated in many countries by local as well as international laws – especially in Europe. … [Read more...]

Hardening MySQL, FOSDEM 2013 – Improving MySQL security

If for any reason you couldn't attend my talk at FOSDEM earlier today on improving MySQL security, I have already uploaded the slides. You can download them from here. … [Read more...]

How slow can SSD be or why is testing a new server performance important?

Recently we have helped our customer to migrate their entire application stack from one data center to another. Before we were brought on-board, customer had already placed an order for a new set of servers with the new hosting provider. All of them were suppose to be high-end systems – many CPU cores, plenty of RAM and RAID array build on top of SSD drives. As the new machines started being available to us, we began setting up the new environment. At some point it turned out that the new machines were actually slower compared to the several year old systems and their load was much higher under comparable traffic. … [Read more...]

MySQL security issue — Heap Based Overrun, testing.

Without going into unnecessary details about CVE-2012-5612 bug; an authenticated database user could use this flaw to crash MySQL instance or even try executing some code. Is it a serious problem? Do you need to worry about it? I recently saw some comments that "My database is safe, only application can access it. Is it really a serious bug?" which scared me a bit. Such opinion might be fine but only for closed systems with limited access to MySQL, but what if you are hosting provider that share single MySQL instance between several accounts? Here, security matters a lot! Especially if you allow users to create test/demo accounts. … [Read more...]

Recent security woes in MySQL

For those who don't know, several security vulnerabilities in MySQL were discovered recently and published to the security mailing lists. Yet another time, remote attacker can badly hit your production systems causing long downtime.   … [Read more...]