maria-developers team mailing list archive
Mailing list archive
Re: Third bunch of unmerged items
On Mar 31, Sergey Vojtovich wrote:
> Hi Sergei,
> here comes third bunch of items which I'm unsure about:
> WL#5706/Bug#58712/Bug#11746378 - Encrypt or remove passwords from slow, query, and binary logs
I don't know... This - as some other "security improvements" in MySQL -
is useless from a security point of view, but it *looks* like improving
security and users believe it. And that matters.
> WL#4677 - Unique Server Ids for Replication Topology (UUIDs)
> WL#6004 - Server extension for allowing user tables to be put into transactional SE
Better not. Acl tables used to work with innodb, as far as I remember.
if that was broken - it's a bug and we'll fix it when needed.
I don't want to waste time thinking abot this NDB-specific change
now, and we probably shouldn't push it without a thorough review.
> Bug #14112682 : MYSQLTEST: PROVIDE ACCESS TO ERROR NAMES THROUGH NUMERIC CODES AND VICE VERSA
I don't see a point - it only encourages bad test writing style (very
popular in MySQL replication team and QA). On the other hand, why not,
it's a small and safe change and it'll keep compatibility with the
> Bug #11747313 31741: MYSQLTEST - DEPRECATE "SYSTEM" COMMAND
perhaps. it wasn't portable, right?
> WL#2739: Auditing Password Security (plugin + API)
No. The idea is fine, but the implementation is absolutely unacceptable.
1. An akward service for opaque *strings*. One has to use an iterator
to walk a string character by character.
2. One global password checking plugin, no way to have a flexible
3. The best part - one hard-coded plugin, loaded by name! Like, go on,
try to create your own plugin - it's impossible! I'm actually not
sure I got it right, seems so crazy - like a car where an engine is
one solid piece of metal with no moving parts - I can hardly believe
anyone could've done that.
Feel free to create a Jira task for this feature and we can think how to
make it properly.
> WL#6587: disconnect_on_expired_password
We don't support password expiration yet, do we?
So this would be a task "merge password expiration feature", not only
> WL#5825 Using C++ Standard Library with MySQL code
We already have most of this. What's left?
> WL#2111: #6 Set CLASS_ORIGIN and SUBCLASS_ORIGIN
Don't we have it yet? I thought we do.