MySQL Server Component Manifest Files

Speakers:  Georgi Kodinov

Georgi Kodinov - Oracle MySQL - MySQL Track Room - Percona Live 2021

MySQL configuration has traditionally been done via system variables with values coming from either command line, config files or SET commands. This can be a security issue since it doesn’t support a trust model rooted in some well known trusted state that cannot be modified by less trusted actors.

This is what the manifest le security model is aiming at solving. It roots server security into a well known and trusted source (the server’s OS le permissions) and builds on top of it to allow secure configuration of components.

In this talk we will review how manifest files work and also check some of the early adopter components of the new secure configuration model.




Georgi Kodinov

Oracle MySQL, MySQL SrvGen team lead

Georgi “Joro” Kodinov has been working on MySQL for more than 10 years. He’s leading the Server General team that deals with security, performance monitoring and the mysql client server protocol. Before working on databases Joro was serving as an IT manager for a Bulgarian bank.

See all talks by Georgi Kodinov »

✎ Edit this page on GitHub