Lately there has been quite some talk about security on MySQL, and I’ve decided to GPL a package I wrote, implmenting Roles on MySQL.
This technology has been available on other databases for quite some time, but hasn’t quite yet made it to MySQL’s feature list and apart from this tool, the only solution I know of is google’s patches for MySQL 5.0.
The name is SECURICH and downloads as well as documentation are available at http://www.securich.com/. The bug list is available at here. Privileges can be granted on a database or table level with a few combinations like:
1. database as one,
2. all tables in database (useful when you need to grant a bunch of privileges to all tables but a few thus revoking the few later),
3. single tables,
4. stored procedure or
5. tables through the use of regular expression.
The user has the facility to create a role and update it on the fly thus propagating the changes onto already existing users having the role in question. There are also loads of other functionalities available and I urge you to check the documentation on http://www.securich.com/.
A cool feature I like is password history which enables dbas to enforce changing of passwords after a certain period of time.
Features like block user and unblock user as well as many other functionalities are being developed and more features will be added as time goes by.
I would greatly appreciate your feedback about what you think of the package, features you might wish to include etc (feature requests should be done through http://www.securich.com/mantis/ as well.)
Security – Roles and Password Expiry on MySQL using SECURICH,