On Tuesday, 6 March 2018 at 07:39:00 UTC, aberba wrote:
On Tuesday, 6 March 2018 at 04:31:42 UTC, Nick Sabalausky (Abscissa) wrote:
[...]
I'm not opposed to it being added, but I'm not aware of what benefit it would provide that would big enough to make it a priority. Also, AFAIK, vibe doesn't offer socket support like it does TCP, so vibe users would loose out on the automatic yield-on-io that's a cornerstone of vibe's concurrency design.



UNIX sockets provide a way to securely connect in an enclosed/isolated environment without exposing connection externally. This is used in my company in our microservice infrastructure on Google Cloud: we connect to our db instance using a proxy and its the recommended approach in microservices.

Its a very common security practice. The default approach on Google Cloud. I would do the same for any db I want to prevent external access to. If vibe.d doesn't support it then its missing a big piece of a puzzle.
Having sockets would be better, but you may configure your mysql to allow only
local connects. So external requests are blocked.

https://dba.stackexchange.com/questions/72142/how-do-i-allow-remote-mysql-access-to-all-users

Look at the first answer to set the right privileges for your environment.

Additionally blocking the mysql port 3306 (beside many others) from outside the network would make sense.
  • mysql-native v2.1.0 Nick Sabalausky (Abscissa) via Digitalmars-d-announce
    • Re: mysql-nativ... aberba via Digitalmars-d-announce
      • Re: mysql-n... Nick Sabalausky (Abscissa) via Digitalmars-d-announce
        • Re: mys... aberba via Digitalmars-d-announce
          • Re:... Martin Tschierschke via Digitalmars-d-announce
            • ... aberba via Digitalmars-d-announce
              • ... Martin Tschierschke via Digitalmars-d-announce
              • ... Nick Sabalausky (Abscissa) via Digitalmars-d-announce
        • Re: mys... Sönke Ludwig via Digitalmars-d-announce
          • Re:... Nick Sabalausky (Abscissa) via Digitalmars-d-announce
          • Re:... Steven Schveighoffer via Digitalmars-d-announce
    • Re: mysql-nativ... bauss via Digitalmars-d-announce
      • Re: mysql-n... bauss via Digitalmars-d-announce
        • Re: mys... bauss via Digitalmars-d-announce
          • Re:... Nick Sabalausky (Abscissa) via Digitalmars-d-announce

Reply via email to