Security   520834

How to use procedures to increase security in MySQL | Official Pythian® Blog
What happens in Procedures stays in Procedures

One interesting feature of procedures, functions, and views is SECURITY CONTEXT. There are two security contexts: INVOKER and DEFINER. A procedure created with the invoker security context will be executed using the privileges of the invoker account. But the default security context is definer. A procedure created with the definer security context will be executed with the privileges of the definer at execution time.

Actually, during the execution of a procedure created using the definer security context, the processlist table and show processlist command will display the definer in the user column instead of the connected user.

This means that using procedures is really a great way to raise the permissions and execute privileged code. The privileges remain restricted to the code within the procedure.
MySQL  MySQL8.0  Security  privileges  StoredProcedures  Intro  2018  PepPla  Pythian  blog 
2 hours ago by dlb
Google Cloud Platform Blog: Exploring container security: Running a tight ship with Kubernetes Engine 1.10
Exploring container security: Running a tight ship with Kubernetes Engine 1.10 - Added April 29, 2018 at 07:01PM
devops  kubernetes  read2of  security 
4 hours ago by xenocid
Your Node.js authentication tutorial is (probably) wrong
TL;DR don't do authentication yourself

[[Update (May 27 2018): This post still gets a lot of views, but this post is now months old and may contain obsolete information. I have since resigned myself from trying to harden the Node ecosystem; it is throwing cups of water on a wildfire. Ecosystem growth is prioritized over security

Passport is simply authentication middleware, and does not handle any of the other parts of authentication for you: that means the Node.js developer is likely to roll their own API token mechanisms, password reset token mechanisms, user authentication routes and endpoints, and views in whatever templating language is the rage today. Because of this, there are a lot of tutorials that specialize in setting up Passport for your Express.js application, and nearly all of them are wrong in some way or another, and none properly implement the full stack necessary for a working web application.

There are a thousand ways to fuck this up.]]
against  Node.js  authentication  security 
6 hours ago by dandv
