Lists the Security configuration metrics and provides a brief description of each.
Table 5.27 Security Configuration Metrics
Name | Description |
---|---|
Automatic Sp Privileges Enabled (Total) | When this variable has a value of 1 (the default), the server automatically grants the EXECUTE and ALTER ROUTINE privileges to the creator of a stored routine, if the user cannot already execute and alter or drop the routine. |
Disconnect On Expired Password Enabled (Total) | Controls how the server handles clients with expired passwords. |
Local Infile Enabled (Total) | Whether LOCAL is supported for LOAD DATA INFILE statements. |
Old Passwords Enabled (Total) | Whether the server should use pre-4.1-style passwords for MySQL user accounts. |
Secure Auth Enabled (Total) | Disallow authentication by clients that attempt to use accounts that have old (pre-4.1) passwords. |
Secure File Privileges (Total) | If set to the name of a directory, it limits the effect of the LOAD_FILE() function and the LOAD DATA and SELECT ... INTO OUTFILE statements to work only with files in that directory. |
Sha256 Password Private Key Path (Total) | The path name of the RSA private key file for the sha256_password authentication plugin. If the file is named as a relative path, it is interpreted relative to the server data directory. The file must be in PEM format. Because this file stores a private key, its access mode should be restricted so that only the MySQL server can read it. |
Sha256 Password Public Key Path (Total) | The path name of the RSA public key file for the sha256_password authentication plugin. If the file is named as a relative path, it is interpreted relative to the server data directory. The file must be in PEM format. Because this file stores a public key, copies can be freely distributed to client users. |
Skip Show Database Enabled (Total) | With this option, the SHOW DATABASES statement is permitted only to users who have the SHOW DATABASES privilege, and the statement displays all database names. |
Validate User Plugins Enabled (Total) | If this variable is enabled (the default), the server checks each user account and produces a warning if conditions are found that would make the account unusable. |