Hi, Sergey! On Mar 31, Sergey Vojtovich wrote:
Hi Sergei,
here comes third bunch of items which I'm unsure about:
WL#5706/Bug#58712/Bug#11746378 - Encrypt or remove passwords from slow, query, and binary logs
I don't know... This - as some other "security improvements" in MySQL - is useless from a security point of view, but it *looks* like improving security and users believe it. And that matters.
WL#4677 - Unique Server Ids for Replication Topology (UUIDs)
Ask Kristian.
WL#6004 - Server extension for allowing user tables to be put into transactional SE
Better not. Acl tables used to work with innodb, as far as I remember. if that was broken - it's a bug and we'll fix it when needed. I don't want to waste time thinking abot this NDB-specific change now, and we probably shouldn't push it without a thorough review.
Bug #14112682 : MYSQLTEST: PROVIDE ACCESS TO ERROR NAMES THROUGH NUMERIC CODES AND VICE VERSA
I don't see a point - it only encourages bad test writing style (very popular in MySQL replication team and QA). On the other hand, why not, it's a small and safe change and it'll keep compatibility with the upstream mysqltest.
Bug #11747313 31741: MYSQLTEST - DEPRECATE "SYSTEM" COMMAND
perhaps. it wasn't portable, right?
WL#2739: Auditing Password Security (plugin + API)
No. The idea is fine, but the implementation is absolutely unacceptable. 1. An akward service for opaque *strings*. One has to use an iterator to walk a string character by character. 2. One global password checking plugin, no way to have a flexible per-user policy. 3. The best part - one hard-coded plugin, loaded by name! Like, go on, try to create your own plugin - it's impossible! I'm actually not sure I got it right, seems so crazy - like a car where an engine is one solid piece of metal with no moving parts - I can hardly believe anyone could've done that. Feel free to create a Jira task for this feature and we can think how to make it properly.
WL#6587: disconnect_on_expired_password
We don't support password expiration yet, do we? So this would be a task "merge password expiration feature", not only WL#6587.
WL#5825 Using C++ Standard Library with MySQL code
We already have most of this. What's left?
WL#2111: #6 Set CLASS_ORIGIN and SUBCLASS_ORIGIN
Don't we have it yet? I thought we do. Regards, Sergei