Friday, 8 December 2017

My wife's new labtop

Well, World of Warcraft has once again got its hooks into me. I plan on reactivating my account. Ever since the proclamation from Blizzard that World of Warcraft Classic is going to be actively developed, I've got the itch.

My wife would like to play as well, but our labtop, though working fine, is having trouble if the settings are higher than 0.

So, the search for an entry level gaming labtop on a tight budget was on!

As I have no experience with buying labtops or computers on a regular basis, time to do some research.

I decided, for an entry level gaming labtop videocard, to shoot for the NVidia GTX 960M or the NVidia GTX 1050.

I hear the processor is not the most interesting/important part of gaming, so a 7th generation i5 would be fine.

Memory is also not that important, as long as it is at least 8 Gigabytes. I do hope to be able to upgrade this, when I decide to do some software development on said labtop.

An SSD is a very nice to have, otherwise you end up on loading screens that take a while in any serious multi-gigabyte game.

brand type proccessor video (mem) hdd/ssd mem/max
Asus RoG RoG GC533VW-FY079T i7 6700HQ 960M (2gb) hdd 8/16
MSI 6L62M 7RDX-1267NL i5 7300HQ 1050 (2gb) hdd/ssd 8/32
Acer Nitro AN515-51-5048 i5 7300HQ 1050 (4gb) hdd/ssd 8/32
Lenovo Legion Y520-15LBKN-80WK00Q4mh i7 7700HQ 1050 (2gb) hdd/ssd 8/16
Asus RoG 6L502VM-FY479T i7 7700HQ 1060 hdd/ssd 8/16
HP Pavilion Power 15-cb001nd i5 7300HQ 1050 (2gb) hdd/ssd 8/16

We decided on the HP, also because my wife's company sells it and we can get a (small) discount.

I would have liked to go for a Republic of Gamers (RoG) labtop, pure for the novelty value and the design, but alas it was not to be.

Originally my wife had something in mind around the 700 euro price tag, but we failed miserably in that category. These gaming labtops start from 899 euros and up.

Saturday, 2 December 2017

Automated executing of MySQL/MariaDB scripts

I am running MariaDB and I wish to execute sql scripts without all this hassle of entering my password. Of course this carries severe security risks with it, that we need to be aware of and, if possible, mitigate.

Via the commandline

It is possible to execute sql scripts via the commandline1, but the problem here is that the password you use is visible in the process list. So this is a security risk.

Let's not do this.

mysql_config_editor

I firstly checked out mysql_config_editor2, which enables you to put the password and other options into an encrypted configuration file. But it turns out that MariaDB does not come with that specific tool. The encryption used seems quite weak, and there's an article about the security issues at [3]. There is also the blogpost at [4] giving some details.

So now what?

Well, there is always the plan to use the configuration file .my.cnf5, and you can store your mysql or mariadb password in there and everything would be hunky-dory.

The .my.cnf looks like this:

[client]
password=topsecretpassword

You are no doubt aware that the password is stored in cleartext.

The following security measures should be in place:

  • always make sure the permissions on the file are set to -rw-------
  • create a user in your database with only those permissions that are required by your scripts. In most cases, this is select/update/delete/insert statements.
  • when you are finished with your scripts, it might be a good idea to remove the password from the conf file. I understand that with cron jobs and batch scripts this might not be possible.

There is an example of a my.cnf containing every possible configuration option at /usr/share/mysql/my-large.cnf when you install MariaDB.

References

[1] StackOverflow - How to execute a MySQL command from a shell script?
https://stackoverflow.com/questions/8055694/how-to-execute-a-mysql-command-from-a-shell-script
[2] MysqlManual 5.7 - mysql_config_editor
https://dev.mysql.com/doc/refman/5.7/en/mysql-config-editor.html
[3] MariaDb Blog -
https://mariadb.com/resources/blog/mysql-56-security-through-complacency
[4] Todd's MySQL Blog - Understanding mysql_config_editor’s security aspects
http://mysqlblog.fivefarmers.com/2012/08/16/understanding-mysql_config_editors-security-aspects/
[5] MariaDB - Configuring MariaDB with my.cnf
https://mariadb.com/kb/en/library/configuring-mariadb-with-mycnf/