Xataface Forums

Put a face on your database
http://xataface.com/forum/

Database user privileges

http://xataface.com/forum/viewtopic.php?f=4&t=6882

Page 1 of 1

Database user privileges

PostPosted: Tue Aug 07, 2012 1:53 pm
by aytonk
What MySQL privileges do I need to grant to the db username specfied in the conf.ini file?
I'd prefer to avoid a "GRANT ALL PRIVILEGES" if I can - I'm trying to set up some security on the system I'm developing, and good practice would keep the assigned privileges to the absolute minimum.

Thanks

Kevin

Re: Database user privileges

PostPosted: Tue Aug 07, 2012 2:07 pm
by shannah
I generally give ALL privileges. Xataface needs to be able to create a few tables for book keeping and for performance improvements.

If you really want to be stingy, you could set up the Xataface application on a separate database from your main one, and just create views for the tables that you need.
e.g.
If your main database is called "dba", and you just want to allow access to the "customers" table from dba, then you could create another database "dbb", and create a view on it:
Code: Select all
use dbb;
create view customers as select * from dba.customers;


Give the XF app full permissions to dbb and no permissions to dba.

-Steve

Re: Database user privileges

PostPosted: Wed Aug 08, 2012 11:38 am
by aytonk
Stave,

thanks for the quick response.

I'll stick with 'ALL' for now then. I might try removing them one by one later, but I have other more important things to do first.

Thanks again

Kevin
All times are UTC - 7 hours
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/