maria-developers team mailing list archive

Thread
Date

Re: Third bunch of unmerged items

To: Sergey Vojtovich <svoj@xxxxxxxxxxx>
From: Sergei Golubchik <serg@xxxxxxxxxxx>
Date: Mon, 14 Apr 2014 11:09:16 +0200
Cc: maria-developers@xxxxxxxxxxxxxxxxxxx
In-reply-to: <20140331125643.GA3228@june>
User-agent: Mutt/1.5.23 (2014-03-12)

Hi, Sergey!

On Mar 31, Sergey Vojtovich wrote:
> Hi Sergei,
> 
> here comes third bunch of items which I'm unsure about:
> 
> WL#5706/Bug#58712/Bug#11746378 - Encrypt or remove passwords from slow, query, and binary logs

I don't know... This - as some other "security improvements" in MySQL -
is useless from a security point of view, but it *looks* like improving
security and users believe it. And that matters.

> WL#4677 - Unique Server Ids for Replication Topology (UUIDs)

Ask Kristian.

> WL#6004 - Server extension for allowing user tables to be put into transactional SE

Better not. Acl tables used to work with innodb, as far as I remember.
if that was broken - it's a bug and we'll fix it when needed.

I don't want to waste time thinking abot this NDB-specific change
now, and we probably shouldn't push it without a thorough review.

> Bug #14112682 : MYSQLTEST: PROVIDE ACCESS TO ERROR NAMES THROUGH NUMERIC CODES AND VICE VERSA

I don't see a point - it only encourages bad test writing style (very
popular in MySQL replication team and QA). On the other hand, why not,
it's a small and safe change and it'll keep compatibility with the
upstream mysqltest.

> Bug #11747313 31741: MYSQLTEST - DEPRECATE "SYSTEM" COMMAND

perhaps. it wasn't portable, right?

> WL#2739: Auditing Password Security (plugin + API)

No. The idea is fine, but the implementation is absolutely unacceptable.

1. An akward service for opaque *strings*. One has to use an iterator
   to walk a string character by character.

2. One global password checking plugin, no way to have a flexible
   per-user policy.

3. The best part - one hard-coded plugin, loaded by name! Like, go on,
   try to create your own plugin - it's impossible! I'm actually not
   sure I got it right, seems so crazy - like a car where an engine is
   one solid piece of metal with no moving parts - I can hardly believe
   anyone could've done that.

Feel free to create a Jira task for this feature and we can think how to
make it properly.

> WL#6587: disconnect_on_expired_password

We don't support password expiration yet, do we?
So this would be a task "merge password expiration feature", not only
WL#6587.

> WL#5825 Using C++ Standard Library with MySQL code

We already have most of this. What's left?

> WL#2111: #6 Set CLASS_ORIGIN and SUBCLASS_ORIGIN

Don't we have it yet? I thought we do.

Regards,
Sergei

References

Third bunch of unmerged items
From: Sergey Vojtovich, 2014-03-31