security

Better User Management for MySQL

If you're like me, you love the granular permissions capabilities of MySQL but hate the work that goes into managing them.

Recently, I've been dealing with MySQL permissions a lot and most of the time I'm creating very similar permissions over and over again. It got me thinking that I could really use MySQL groups. Unfortunately, there doesn't seem to be anything like groups in MySQL and according to plans won't be added officially until MySQL 7.0 (WL#988). Considering they originally planned to include Role support in MySQL 5.0, I'm not sure I'm holding my breath.

While searching around, I found Securich – a project about 6 months old which uses stored procedures to create a much more capable and easy to manage permissions system on top of MySQL's existing permissions. DISCLAIMER: I have not actually tried this so everything I say is based on what I'veunderstood from the documentation.

Webservd Default Home Directory

Someone currently building an internal development environment required some integration between servers using SSH and the webservd user.

He came to me when he saw that the default home directory for the webservd user is /.  He didn't want to create a /.ssh/authorized_keys file and I didn't blame him. My first reaction was to change the home directory but I didn't want to break something so I opened up Google and found something incredible.

DISCLAIMER: The following is quoted from documentation at docs.sun.com (emphasis is mine). I do not recommend you actually listen to it's instructions: