PRESENTS Vitess security audit In collaboration with the Vitess maintainers, Open Source Technology Improvement Fund and The Linux Foundation Authors Adam Korczynski David Korczynski com> Date: June 5, 2023 This report is licensed under Creative Commons 4.0 (CC BY 4.0) Vitess Security Audit, 2023 Table of contents Table of contents 1 Executive summary 2 Notable findings 3 Project found 16 SLSA review 38 Conclusions 40 1 Vitess Security Audit, 2023 Executive summary In March and April 2023, Ada Logics carried out a security audit of Vitess. The primary focus of the audit was

получении запроса на соединение процесс сервера удостоверяет пользователя по базе данных безопасности (security database). После успешного удостоверения сервер разрешает приложению (пользователю) произвести безопасности, то даже хорошее шифрование становится немного больше, чем “безопасностью по неясности” (security by obscurity). 4.2.2. Ограничение распространения данных Некоторые просят шифровать данные базы “безопасности по неясности” Предлагаются и различные другие формы “безопасности по неясности” (security by obscurity). Например, специальные события, возникающие в моменты входа/подключения и отключения

Firebird File and Metadata Security Geoff Worboys Version 0.6, 30 June 2020 Table of Contents 1. Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 7. Acceptable Low Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . page and don’t know about Firebird, see this link: www.firebirdsql.org This article discusses the security of Firebird database files and in particular access to the metadata stored in those files. It has

Steps 32 Initializing a Cassandra Cluster on Amazon EC2 Using the DataStax AMI 32 Creating an EC2 Security Group for DataStax Community Edition 33 Launching the DataStax Community AMI 34 Connecting to Read Consistency 58 Choosing Client Consistency Levels 59 Consistency Levels for Multi-Data Center Clusters 59 Specifying Client Consistency Levels 60 About Cassandra's Built-in Consistency Repair phi_convict_threshold 76 Automatic Backup Properties 76 incremental_backups 76 snapshot_before_compaction 76 Security Properties 76 authenticator 76 authority 77 internode_encryption 77 keystore 77 keystore_password

....................................................................................285 17.3.2. Security and Authentication............................................................................286 .............................................................202 12-1. SQL Transaction Isolation Levels ................................................................................................ report has security implications and you’d prefer that it not become immediately visible in public archives, don’t send it to pgsql-bugs. Security issues can be reported privately to <security@postgresql

Control in Greenplum Database 165 Snapshots 166 Transaction ID Wraparound 167 Transaction Isolation Levels 168 Read Committed Isolation Level 169 Repeatable Read Isolation Level 170 Serializable Isolation Playbook - Greenplum Database Installation for RedHat 268 Greenplum Database Security Configuration Guide 270 About Endpoint Security Software 271 Securing the Database 271 Accessing a Kerberized Hadoop Cluster pgcrypto 300 Creating PGP Keys 301 Encrypting Data in Tables using PGP 303 Key Management 308 Security Best Practices 308 System User (gpadmin) 309 Superusers 309 Login Users 309 Groups 309 Object

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 568 13. Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 615 13.9. SQL Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 740 RDB$SECURITY_CLASSES. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

................................................................................... 75 5.8. Row Security Policies ............................................................................ 80 5.9. Schemas ............................................................................ 713 22.6. Function Security ............................................................................... 715 23. Managing ..................................................................................... 883 31.9. Security ............................................................................................ 883