Creating MySQL user with security

Question

Creating MySQL user with security

Navigation

#1 by (1 votes)
#2 by (-2 votes)

-2

For security reasons, what privileges should a database user have or should not have?

php mysql

asked by anonymous 07.04.2018 / 00:42

2 answers

Simple PHP question, I need a structure, if the course has a name, you can not delete it! With what web language could I develop something similar to this image? [closed]

score 1 · Answer 1

Depends on the role of the user in accessing the database. For example, a data-only user should not have access to "INSERT" or "DELETE" even though business logic is prepared not to do these tasks, if the user is used improperly for some reason, permissions than desired.

score -2 · Answer 2

This will depend on what tasks the user will need to run in the database. For example, an application user will need the basic privileges (select, insert, update and delete) but in some applications you may need to create temporary tables or even a view.

The best thing to do is to provide the minimum necessary permissions (the "data" block) and, depending on the case, to guarantee others.

Note, you can have more than one user accessing the same database, sometimes it can be interesting to create someone for the application itself, others for administrative routines, backup, etc.