MySQL Notes
Following the recent bot attacks against poorly secured MySQL installations on Windows (not a MySQL vulnerability), MySQL AB has published an article detailing how to best secure a MySQL server running on Microsoft platforms:
A worm is on the loose attacking MySQL installations on computers running Windows. This does not appear to be a MySQL exploit; rather one which takes advantage of weak security to use MySQL functions to insert malicious code into the system.
The mysqldump utility doesn't provide any inbuilt
facilities for compressing output. This can be a problem if the
disk space available is smaller than the dump's final size.
On Linux and UNIX systems the way round this is to compress
mysqldump's output on the fly, e.g. using the bzip2
utility:
mysqldump -uroot -pPASSWORD --opt --all-databases | bzip2 -c > mysql-full-dump.bz2
A common problem in MySQL is the comparatively simple act of defining a TIMESTAMP column which has as its default value the timestamp at the time the record is created. In most databases this is simply a case of appending DEFAULT NOW() to the timestamp column.
Beginning with version 4.1.2 MySQL now supports this, albeit as an overlay to the slightly eccentric TIMESTAMP functionality, making life just that little bit easier.
The most prominent new feature of MySQL 4.1 is the introduction of subqueries (also known as subselects), a very welcome addition which brings MySQL's feature set a little closer to that of other databases.