35.6. FEDERATED Table SecurityWhen you create a FEDERATED table, you provide a connection string in the COMMENT option of the CREATE TABLE statement. This string includes the connection parameters to use for connecting to the remote server where the original table actually is located. For example: CREATE TABLE FedCity ( ID INT NOT NULL AUTO_INCREMENT, Name CHAR(35) NOT NULL, CountryCode CHAR(3) NOT NULL, District CHAR(20) NOT NULL, Population INT NOT NULL, PRIMARY KEY (ID) ) ENGINE=FEDERATED COMMENT='mysql://wuser:wpass@world.example.com/world/City'; The username and password (wuser and wpass) are visible as plain text in the FedCity table definition, which can present a security risk in several ways:
|