posted by Shlomi Noach
on Thu 01 Jan 2009 22:05 UTC
Web applications face constant exploitation attempts. Those with a user base must keep their users’ private data, well… private.
While the MySQL security model allows restricting users access to databases, tables and even columns, it has no built in feature for restricting the rows access within the given table.
One cannot allow a user to only update rows 0 through 99, but restrict that user from updating rows 100 to 199. Such restrictions are usually managed in the application level, by adding a necessary “… AND filtering_column = some_value…”
Many web application have the notion of an ‘admin’ account, or several such accounts, which provide greater control over the application. The ‘admin’ account is one account to which many attacks are targeted. One such attack is an attempt to
Marten Mickos' letter to the troops indicates that all is better than well at MySQL: MySQL's open-source model of "radical transparency" is going exceptionally well indeed.
Three days ago I've finally managed to push the code for WL#3985 "Subquery optimization: smart choice between semi-join and materialization" into MySQL 6.0. I missed the clone-off date so it won't be in the upcoming MySQL 6.0.9 release, the only way to get it before the next 6.0.10 release is from the lp:mysql-server/6.0 bazaar repository.
What's new in the push
Before WL#3985, 6.0's subquery optimization had these three deficiencies:
For semi-join (see cheatsheet for definition) subqueries, you had to make a choice between having the optimizer use materialization or all other strategies. The default behavior was not to use materialization, you could only get it by setting a
posted by Andi Gutmans
on Thu 01 Jan 2009 09:42 UTC
Looking back at 2008:
This has really been a crazy year. Probably the first year I truly felt I couldn’t keep up with everything that was happening around me (in a good sense). Not because of the depression in the market but rather because many different aspects of our business, community and eco-system have accelerated. Amidst these changes I have also taken on additional roles at Zend to help drive the next phases of our multi-year strategy.
For Zend this has been an important year in delivering on our long term strategy and plan. The PHP Collaboration project which we announced at the end of 2005 has really come to fruition and delivered on its promise including:
- Zend Framework: This year we have had three major releases of Zend Framework,
Its been a while since I blogged.. and my new year's resolution would be to blog more.
I could say that I have been very busy at work.?I can't really say that I haven't been using MySQL, since I've been using it more these days than I have in my entire career.
I could say that I am noticing a trend to blog less in the MySQL community. I could be wrong about that, but I definitely don't see the same names blogging as the ones I used to see a year ago. But that could be that some people just moved on.
I could say that I have just been lazy. My blog statistics certainly?reflect that.
Finally, I could say that I lost a bit of enthusiasm?for blogging about MySQL. This could be that my priorities have shifted slightly, but I plan to get myself a bit more involved with database developing/administrating in the very near future.
posted by James Branam
on Wed 31 Dec 2008 14:36 UTC
Hi all,
This is my last blog entry for the year 2008. I've blogged 227 times this year, about a variety of topics (mostly NetBeans). I enjoy blogging. It puts me in touch with the community, making me much more approachable by community members.
2008 was a great year. Here is a sample of what I was able to witness or take part in (I've tried to put them in chronological order):
Sun has invited me to showcase Maatkit at the dot-org pavilion at the upcoming MySQL Conference and Expo 2009. At this time it’s really hard to say what I’ll be demoing! Development on Maatkit is accelerating and I don’t look for that to change, so who knows what we’ll have done by then. [...]
I want you to tell me the story of how you got started with the Net.
Tell me how your passion was sparked and why it keeps coming to full flame.
Tell me why the Net matters to you, even after all of the long days, short nights and wrecked weekends.
I've been writing my story because I need to understand why I care deeply for what the Net is and what it means.
I want to read your story for the same reason.
Don't hold out on me now. I can see your data trails in my server logs: a few hundred of you trudging in from RSS subscriptions, the PHP, Mozilla and MySQL planets, Boris'
More MySQL 6.0 news: next subquery optimizations WL pushed
