mysql-native v2.1.0

aberba karabutaworld at gmail.com
Wed Mar 7 09:16:42 UTC 2018


On Tuesday, 6 March 2018 at 10:15:30 UTC, Martin Tschierschke 
wrote:
> On Tuesday, 6 March 2018 at 07:39:00 UTC, aberba wrote:
>> On Tuesday, 6 March 2018 at 04:31:42 UTC, Nick Sabalausky 
>> (Abscissa) wrote:
> [...]
>>> [...]
>>
>>
>> UNIX sockets provide a way to securely connect in an 
>> enclosed/isolated environment without exposing connection 
>> externally. This is used in my company in our microservice 
>> infrastructure on Google Cloud: we connect to our db instance 
>> using a proxy and its the recommended approach in 
>> microservices.
>>
>> Its a very common security practice. The default approach on 
>> Google Cloud. I would do the same for any db I want to prevent 
>> external access to. If vibe.d doesn't support it then its 
>> missing a big piece of a puzzle.
> Having sockets would be better, but you may configure your 
> mysql to allow only
> local connects. So external requests are blocked.
>
> https://dba.stackexchange.com/questions/72142/how-do-i-allow-remote-mysql-access-to-all-users
>
> Look at the first answer to set the right privileges for your 
> environment.
>
> Additionally blocking the mysql port 3306 (beside many others) 
> from outside the network would make sense.

The MySQL instance is running in a managed cloud instance. You 
don't get to tweak things like with vps.  Proxy based connection 
its what's used. Not just in my case...it supported in all major 
mysql libraries "socketPath".


More information about the Digitalmars-d-announce mailing list