Support for UNIX socket as alternative to host-port style of connection.

[aberba]

UNIX sockets provide a way to securely connect in an enclosed/isolated environment without exposing connection externally. This is used in my our microservice infrastructure on: we connect to our db instance using a proxy and its the recommended approach in microservices.

Its a very common security practice. The default approach on Google Cloud. I would do the same for any db I want to prevent external access to. If mysql-native doesn't support it then its missing a big piece of a puzzle. Database libs like mysql-native could benefit from vibe.D's implementation to support UNIX socket connection that integrates well with vibe.d.

// Vibe.d: examples/unix_socket_server/source/app.d 
auto settings = new HTTPServerSettings;
settings.bindAddresses = ["/tmp/vibe.sock"];
listenHTTP(settings, router);

Then the "/tmp/vibe.sock" will be the path to the database socket connection. An example style of this approach is in the Google Cloud SQL Nodejs demo here where they connect to the database using a proxy (UNIX socket connection) using the nodejs mysql package. Here is a snippet from the page:

const config = {
  user: process.env.SQL_USER,
  password: process.env.SQL_PASSWORD,
  database: process.env.SQL_DATABASE
};

if (process.env.INSTANCE_CONNECTION_NAME && process.env.NODE_ENV === 'production') {
  config.socketPath = `/cloudsql/${process.env.INSTANCE_CONNECTION_NAME}`;
}

// Connect to the database
const knex = Knex({
  client: 'mysql',
  connection: config
});

[Abscissa]

Can't the same security be obtained by configuring MySQL to block connections from anything but localhost?

[aberba]

This is used also in the cloud to prevent external access. You usually don't have that much control in the cloud over your database instance. Its managed for you. Example use-case is a microservice or docker containers.

[Abscissa]

Are you saying that it's common for database hosting providers to only allow access via unix socket, but not via localhost, and cannot be set up to allow connections from localhost? Do you have examples of such service providers?

And if so, how do you even connect anyway to a server's unix socket if you don't already have SSH access to the machine in question? Unix-sockets are strictly machine-local. To access one, you would have to already have some kind of SSH access to the machine in question.

[aberba]

The Google cloud SQL supports UNIX sockets by default. Its not a localhost issue. This a production technology for microservices. Its explained here https://cloud.google.com/sql/docs/mysql/sql-proxy

[Abscissa]

Thanks for the link. I just took a look, but it appears the very same page makes it clear that Google Cloud SQL Proxy ALSO supports TCP just as well:

"The proxy startup options you provide determine whether it will listen on a TCP port or on a Unix socket. If it is listening on a Unix socket, it creates the socket at the location you choose; usually, the /cloudsql/ directory. For TCP, the proxy listens on localhost by default."

In fact, there's a table further down the page which indicates at least a couple of its features (at least on Windows anyway), even require using TCP instead of UNIX sockets. Additionally, I don't see anything on that page which suggests any preference, priority, or superiority for unix sockets as opposed to TCP.

Let me try to clarify my position:

I do appreciate that connecting to a DB via UNIX sockets instead of TCP is a popular, common, and certainly valid approach. And to be clear, I am absolutely in favor of mysql-native supporting UNIX sockets.

I just want to be upfront that, as things stand right now, it will likely be awhile before I can get around to implementing it (though I would welcome a solid pull request at any point). This is simply because mysql-native (and other projects I work on) still have bigger priorities at the moment, and I'm only working on this in unpaid spare time.

If this really is pressing, there are some things I can think of offhand which would boost the priority of a fix coming from me personally:

1. If it can be shown (through evidence or a reasonable argument) that using UNIX sockets for this can lead to better security than "TCP restricted to connections from localhost-only", that would definitely bump the priority of this. But note that any popularity of UNIX sockets is neither evidence, nor argument, of superior security. Popularity is popularity, security is security.

2. If there's a common situation where TCP connections just simply aren't a viable option, then again, that would definitely bump the priority of this. But I would need to be shown this is a real need and that using TCP (even if restricted to only connections from localhost) isn't viable. Not evidence that unix sockets are a popular choice, but that they are necessary.

Short of either of those, then yes, I'll try to take care of it when I can, if nobody else contributes the feature in the meantime.

In case it helps matters: If this is needed for business purposes, then as with anything else, I am open to negotiating this or any other need as paid contract work. And it doesn't have to be me, I'm sure other D developers would be open it as well.

But short of that, as an unpaid volunteer effort I need to prioritize it appropriately, and so far I haven't seen any sign of this being needed, nor of it offering improved security that can't already be achieved with TCP. So far, I've only seen that sometimes people choose to use unix sockets instead of TCP, but not that they need to, and not that they reap any particular benefits they can't just as easily achieve with TCP.