← Back to team overview

maria-discuss team mailing list archive

Re: Parallel Databases and network security


On Tue, Jan 16, 2018 at 01:14:00AM +0100, Reindl Harald wrote:
> Am 15.01.2018 um 23:31 schrieb Ruben Safir:
> >Now, I had two choices, to change the software to talk across the
> >open local area network, and move the database to the webserver...
> >or hot copy, which I know maria has been able to do for a while, but I
> >never implimented it.  But i want to do this and restrict connections to
> >the internal network.  It is easy enough to justblock the external ports
> >but I would rather do this through the database.
> but it is pretty dumb have mysqld reachable on the WAN because you
> expose every future CVE for no good reason
> >>Restrict network access? Specify the correct peer ip address or a host
> >>name when creating a user
> the IP - security based on PTR records and rely on name-resolution
> is a bad idea, anyways one needs still tell me one sane reason why
> do ip restrictions in the atatcked application instead the
> networklayer in front of

Because that is how I want it.  The longer explanation is, because that
is how I want to do it, period.

I really didn't ask for a debate on the pros and cons of firewalls

> _______________________________________________
> Mailing list: https://launchpad.net/~maria-discuss
> Post to     : maria-discuss@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~maria-discuss
> More help   : https://help.launchpad.net/ListHelp

So many immigrant groups have swept through our town
that Brooklyn, like Atlantis, reaches mythological
proportions in the mind of the world - RI Safir 1998

DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
http://www.nylxs.com - Leadership Development in Free Software
http://www2.mrbrklyn.com/resources - Unpublished Archive 
http://www.coinhangout.com - coins!

Being so tracked is for FARM ANIMALS and and extermination camps, 
but incompatible with living as a free human being. -RI Safir 2013

Follow ups