Re: protect the access for ndb_mgm

Anatoly,   

   thanks for the fast answer.

  I think that is a big security problem, because any host at my network ( running in a private network ) that has the ndb_mgm can shutdown the cluster.
When I discover this problem at my cluster, the solution was block the port 1186 with iptables rules, but it's a dirty way to solve this 'bug', because I need put many rules allowing the machine that can connect at ndb_mgmd.
  Can the ndb_mgmd have a little more of security issues? or we always depend of others tools to protect the access to ndb_mgmd ?

Thanks in advance,

--
Aslan Carlos de M. Ramos
Network Administrator
K8 Networks, Digirati Networks , Hostnet Web hosting
Phone  : +55(21)2233-5950 branch:29
Mobile : +55(21)9989-4932
Skype  : aslancarlos
    




On Tue, 2007-08-07 at 16:59 -0400, Anatoly Pidruchny wrote:

> Aslan,
> 
> there is no security at all at NDB level, so, you can not set up a 
> password for ndb_mgm.
> 
> As to configuring the ndb_mgmd at just one interface, please take a look 
> at this bug report first: http://bugs.mysql.com/bug.php?id=22195&thanks=sub
> MySQL implemented the option "--bind-address" for ndbd process to bind 
> to one interface, but refused to implement it also for the ndb_mgmd 
> process. I tried to explain why I think that would be useful in the bug 
> report, but got no reply. I am glad you are bringing up this issue. The 
> more people ask about this feature, the more likely MySQL will agree to 
> implement it.
> 
> Regards,
> 
> Anatoly.
> > Hi, 
> >
> > Can I use one password for control the access to ngn_mgm or configure
> > the ndb_mgmd at just one interface?
> >
> >
> > best regards,
> > Aslan Carlos
> >   
> 

--