MySQL Should each Database be managed by a different user?
Should I have a different MySQL user for each database so that if someone gets access to a mysql user they cannot effect the others?
If so how would i go about doing this?
Its a principle called “separation of privileges”, which reduces the impact of an intrusion.
you can do something like
GRANT ALL PRIVILEGES ON mydatabase.* TO 'myuser'@'127.0.0.1' IDENTIFIED BY 'somepassword';
FLUSH PRIVILEGES;
or you can provide some subset of privileges using a command similar to this;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP
ON mydatabase.*
TO 'myuser'@'localhost';
The privileges supported by MySQL (5.1) are documented here;
http://dev.mysql.com/doc/refman/5.1/en/grant.html#grant-privileges
Check more discussion of this question.
No related posts.
Leave a comment
Recent Posts
- Windows File Permissions and Attributes
- What is the easiest way to upgrade my existing Perl 5.14 to Perl 5.16 on FreeBSD 9 using the ports system?
- Know if mysql has done its job
- Redirect https .com to https .co.uk without a valid SSL cert on .com without DNS change
- Why is it a bad idea to use customer email as from address
Tags
active-directory
amazon-ec2
apache
apache2
backup
bash
centos
cisco
command-line
debian
dns
email
exchange
firewall
iis
iis7
iptables
linux
macosx
monitoring
mysql
networking
nginx
performance
permissions
php
postfix
raid
security
sql-server
sql-server-2005
sql-server-2008
ssh
ssl
ubuntu
unix
virtualization
vpn
webserver
windows
windows-7
windows-server-2003
windows-server-2008
windows-server-2008-r2
windows-xp