MySQL/MariaDB Server security essentials
MariaDB Server has made some extensions to security around the database, and here we discuss them. MySQL has also improved naturally. Learn about:
- encryption within the database (for your InnoDB tables and tablespaces & Aria temporary tables); created at Google and used there today
- external authentication plugins (PAM, Kerberos, etc.)
- audit plugin to keep track of logins/actions against the database
- using SSL for connections
- looking at rejecting SQL injections via a firewall plugin (really, a look since this is a MySQL Enterprise extension) and how this can be replicated in the open via MaxScale.
- examples of how a misconfigured MySQL could make it "crackable"