Should I have a different MySQL user for each database so that if someone gets access to a mysql user they cannot effect the others?
If so how would i go about doing this?
Its a principle called “separation of privileges”, which reduces the impact of an intrusion.
you can do something like
GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'127.0.0.1' IDENTIFIED BY 'somepassword'; FLUSH PRIVILEGES;
or you can provide some subset of privileges using a command similar to this;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON mydatabase.* TO 'myuser'@'localhost';
The privileges supported by MySQL (5.1) are documented here;
No related posts.
Leave a comment
- Windows File Permissions and Attributes
- What is the easiest way to upgrade my existing Perl 5.14 to Perl 5.16 on FreeBSD 9 using the ports system?
- Know if mysql has done its job
- Redirect https .com to https .co.uk without a valid SSL cert on .com without DNS change
- Why is it a bad idea to use customer email as from address