securich
By Darren CassarSecurich is a tool designed to help MySQL DBA in administering user privileges. It is totally modular and new stored procedures are easily added.
You can find it HERE and report any bugs HERE
Cheers,
Darren
Polls
Loading ...
Popular Tags
Post Archives
- April 2012
- September 2011
- August 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- June 2010
- April 2010
- February 2010
- December 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
Darren – I Installed Securich 2.5 a couple of months ago and have a couple of questions. How do you enforce usage of Securich, aside from password aging,
it seems users can ignore the fact that it is installed?
If I set a strong password using Securich, what is to prevent a user from using the
MySQL set password command to set it to something totally unsecure?
Good question Colin, there is a procedure called password_check which when called with update mysql.user to securich password and log the change in aud_password table so you know who is trying to change his password using mysql set password rather than securich version. With 0.2.5 there was a bug with securich set password which was fixed in 0.3 so you might want to consider the upgrade too.
If you set an event in mysql 5.1 to call the password_check stored proc every day it should be pretty annoying for the users to have to change it daily and if you see a recursive offender you can follow it up with policies etc
let me know if this doesn’t answer your question.
don’t hesitate to email me at info \a\t securich \d\o\t com if you have any issues, comments, suggestions or feature requests