A cikin tsammanin fara sabon rajista don kwas muna ci gaba da buga jerin labarai game da ɓoyewa a cikin MySQL.
A talifi da ya gabata a wannan talifi, mun tattauna . A yau, bisa ga ilimin da aka samu a baya, bari mu dubi jujjuyawar manyan maɓallan.
Juyawar maɓalli na Master ya haɗa da samar da sabon maɓalli mai mahimmanci da sake ɓoye maɓallan sararin tebur (waɗanda aka adana a cikin masu kan teburi) tare da wannan sabon maɓalli.
Bari mu tuna yadda shugaban sararin tebur mai rufaffen ya yi kama:
Daga labarin da ya gabata, mun san cewa uwar garken tana karanta kanun duk wuraren tebur da aka rufaffen a farawa kuma suna tunawa da ID na KEY mafi girma. Misali idan muna da teburi guda uku tare da KEYID = 3 da tebur daya tare da KEYID = 4, to, matsakaicin maɓalli na ID zai zama 4. Bari mu kira wannan ID na KEY - MAX KEY ID.
Yadda jujjuyawar maɓalli ke aiki
1. Mai amfani yana aiwatar da ALTER INNODB MASTER KEY.
2. Sabar tana buƙatar maɓalli don samar da sabon maɓalli mai mahimmanci tare da uwar garken UUID da KEYID daidai yake da ɗaya da MAXKEYID. Don haka muna samun master key id daidai da INNODBKEY-UUID-(MAXKEYID + 1). Bayan nasarar ƙirƙirar maɓallin maɓalli, MAX KEY ID yana ƙaruwa da ɗaya (watau MAX).KEYID=MAXKEYID + 1).
3. Sabar tana duba duk wuraren tebur da aka rufaffen ɓoye tare da maɓallin maɓalli, kuma ga kowane sarari tebur:
-
yana ɓoye maɓallin tebur tare da sabon maɓalli mai mahimmanci;
-
yana sabunta id ɗin maɓalli zuwa sabon MAXKEYID;
-
idan UUID ya bambanta da uwar garken UUID, to sabunta uwar garken UUID.
Kamar yadda muka sani, Babban Maɓalli na ID da ake amfani da shi don ɓata tebur ya ƙunshi UUID da KEY ID da ake karantawa daga taken tebur. Abin da muke yi yanzu shine sabunta wannan bayanin a cikin maƙallan ɓoye bayanan tebur domin sabar ta sami madaidaicin maɓallin maɓalli.
Idan muna da wuraren tebur daga wurare daban-daban, kamar maɓalli daban-daban, to suna iya amfani da maɓalli daban-daban. Duk waɗannan maɓallan maɓalli za a buƙaci a dawo dasu daga ma'ajiyar lokacin da aka fara uwar garken. Wannan na iya rage jinkirin farawa uwar garken, musamman idan ana amfani da kantin maɓalli na gefen uwar garken. Tare da jujjuyawar maɓallin maɓalli, muna sake ɓoye maɓallan sararin tebur tare da maɓalli guda ɗaya wanda yake daidai ga duk wuraren tebur. Ya kamata uwar garken yanzu ta karɓi maɓalli ɗaya kawai a farawa.
Wannan, ba shakka, sakamako ne kawai mai daɗi. Babban manufar jujjuyawar maɓalli shine don sa sabar mu ta fi tsaro. A yayin da aka sace maɓalli na ko ta yaya daga rumbun ajiya (misali, daga uwar garken Vault), yana yiwuwa a ƙirƙiro sabon maɓalli mai mahimmanci kuma a sake ɓoye maɓallan sararin tebur, yana lalata maɓallin sata. Muna lafiya...kusan.
A cikin labarin da ya gabata, na yi magana game da yadda da zarar an sace maɓallin tebur, wani ɓangare na uku zai iya amfani da shi don yanke bayanan. Idan har akwai damar shiga faifan mu. Idan an saci maɓalli na maɓalli kuma kuna da damar yin amfani da bayanan da aka ɓoye, zaku iya amfani da maɓalli na sata don yanke maɓallin sararin tebur kuma samun ɓoyayyen bayanan. Kamar yadda kake gani, juyawa na maɓallin maɓalli ba ya taimaka a wannan yanayin. Mun sake rufaffen maɓalli na sararin tebur tare da sabon maɓalli mai mahimmanci, amma ainihin maɓallin da ake amfani da shi don ɓoyayyen/tsare bayanan ya kasance iri ɗaya ne. Saboda haka, "hacker" na iya ci gaba da amfani da shi don yanke bayanan. Tun da farko na yi nuni da cewa zai iya yin sake ɓoyayyen sararin tebur na gaskiya, ba kawai sake ɓoyayyen maɓalli mai sauƙi ba. Ana kiran wannan yanayin ɓoye zaren. Koyaya, wannan aikin har yanzu gwaji ne a halin yanzu.
Jujjuya maɓalli na Master yana da amfani lokacin da aka sace maɓalli mai mahimmanci, amma babu yadda za a yi maharin ya yi amfani da shi kuma ya ɓoye maɓallan sararin tebur.
Kara karantawa:
source: www.habr.com