Securich - A Security and User Administration plugin for MySQL

Darren Cassar (Trading Screen Inc)
Average rating: ***..
(3.50, 4 ratings)

How often do you wonder about the privileges a particular user has on databases, tables and stored procedures? Have you ever thought about which users have access to table ‘passwords’ in ‘livedb’? “Do all my users have a decent password?” and “When was it changed last?” are surely issues DBAs commonly think about, whilst hoping users are not cycling through the usual three passwords to avoid having to remember a new one. Maybe you have occasionally granted full access to all tables in a database to avoid the frustration of having to grant on tables one by one, or wondered about the mess your users and their privileges were in. Did you ever wish you could rename a user ‘paul’'192.168.0.189' to 'paul'‘192.168.0.188’ or clone user’john’'localhost' from 'fred'‘127.0.0.1’? Then, perhaps, Securich can come to your rescue. It can easily tackle the above and much more. Securich also enables the absent roles functionality in MySQL, permits dynamic updating of roles and immediate rollout of the changes to each user.

Securich is very simple to install and update using a bash script that includes error catching and rollback in case of problems. Securich is also easy to be remove if required, a single “drop securich” command does the trick and does not change any of the rights granted to users through it.

Securich Features
  1. Roles (Dynamic)
  2. Password history
  3. User cloning
  4. Secured user (avoiding password-less accounts)
  5. Configurable password complexity – length, uppercase, lowercase, special characters, dictionary check
  6. The possibility to revoke privileges from a single table (grant access to all tables in a database but one)
  7. User blocking / unblocking
  8. Immediate revoking of Privileges and Isolation of User
  9. Auditing of privileges granted / revoked
  10. Auditing of role updates
  11. Reconciliation between MySQL and Securich

SAM-My is a web based, cross-platform, OS independent and lightweight application written in PHP, enabling GUI administration of users and configuration of the main parts of SECURICH.

SAM-My Features
  1. Connection to MySQL and logout function
  2. UI list of accounts and viewing of their rights
  3. Granting and revoking of privileges
  4. User cloning
  5. Other features from Securich
  6. Version check of Securich, MySQL and other details about the data server

Adding to its appeal is the fact that both Securich and SAM-My are OpenSource projects licensed under GPLv2.

Photo of Darren Cassar

Darren Cassar

Trading Screen Inc

Darren Cassar is a MySQL community focused engineer, blogging about MySQL-related topics such as HA, replication and security on MySQLPreacher.com. After graduating as a computer and communications engineer in 2004, he immediately shifted his career initially towards systems engineering, then onto database administration, gaining his CMDBA certification in 2008. He has developed an open source security plugin for MySQL DBAs called Securich with the aim of securing and simplifying user rights management, along with a GUI admin tool for Securich named SAM-My. Darren, a Maltese by nationality, loves to travel for both work and pleasure and is currently based in New York having previously lived and worked in Malta and London.

Comments on this page are now closed.

Comments

Picture of Sheeri K. Cabral
Sheeri K. Cabral
04/21/2010 6:09am PDT

Video for this presentation is at www.youtube.com/watch?v=mkz...

  • Oracle
  • Monty Program
  • Calpont
  • Facebook
  • Gear6
  • Infobright, Inc
  • JasperSoft
  • Joyent
  • Kickfire
  • NorthScale, Inc.
  • Percona
  • Schooner Information Technology
  • Solid Quality Mentors (SolidQ)
  • Intel
  • Pentaho
  • Linux Pro Magazine

Sponsorship Opportunities

For information on exhibition and sponsorship opportunities at the conference, contact Yvonne Romaine at yromaine@oreilly.com

Download the O'Reilly MySQL Conference & Expo Sponsor/ Exhibitor Prospectus

Media Partner Opportunities

Download the Media & Promotional Partner Brochure (PDF) for information on trade opportunities with O'Reilly conferences or contact mediapartners@ oreilly.com

Press and Media

For media-related inquiries, contact Maureen Jennings at maureen@oreilly.com

O'Reilly MySQL Conference Newsletter

To stay abreast of conference news and to receive email notification when registration opens, please sign up for the O'Reilly MySQL Conference newsletter (login required).

Contact Us

View a complete list of O'Reilly MySQL Conference contacts.