You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently we use a simple set of criterias to remove unsecured users. This set excludes some of the usefull new features of newer MySQL versions. Also the current logic needs a bit more documentation to be more easily to understand.
Solution
We should define which features of MySQL we want to advise using by making our queries for deleting unsecured users more explicit and more granular.
Currently I would consider several types of authentication secure:
auth with password
auth with certificates
auth with unix pipe
auth with PAM
The current logic for queries should als obe improved, maybe in the same way we use to set all the ssh parameters for mac/key/ciphers
Alternatives
Leave as is, our current implementation is arguably secure but exludes some equally secure setups.
Additional information
for more information also consider #641 and related discussion (linked tickets)
All changes must also be reflected in our mysql-baseline.
The text was updated successfully, but these errors were encountered:
Description
Currently we use a simple set of criterias to remove unsecured users. This set excludes some of the usefull new features of newer MySQL versions. Also the current logic needs a bit more documentation to be more easily to understand.
Solution
We should define which features of MySQL we want to advise using by making our queries for deleting unsecured users more explicit and more granular.
Currently I would consider several types of authentication secure:
The current logic for queries should als obe improved, maybe in the same way we use to set all the ssh parameters for mac/key/ciphers
Alternatives
Leave as is, our current implementation is arguably secure but exludes some equally secure setups.
Additional information
for more information also consider #641 and related discussion (linked tickets)
All changes must also be reflected in our mysql-baseline.
The text was updated successfully, but these errors were encountered: