Forums / Suggestions / Lock down of MySQL
Tony Wood
Thursday 15 May 2003 4:47:39 am
Does eZ really need Grant *. privileges?Could eZ make suggestions for a grant command that gives the eZ database user only what it really needs for production environments.
Tony Wood : twitter.com/tonywood Vision with Technology Experts in eZ Publish consulting & development Power to the Editor! Free eZ Training : http://www.VisionWT.com/training eZ Future Podcast : http://www.VisionWT.com/eZ-Future
Gabriel Ambuehl
Friday 16 May 2003 3:29:34 am
No, Exponential needs no grant privilege. I'd say it doesn't need index or drop database/table (the latter until there's some script to install modules at the very least) either.
Visit http://triligon.org
Friday 16 May 2003 3:55:11 am
It would be nice to have this in the doco, so you had a basic...
grant all on default.* to default@localhost identified by 'password';
and advanced...
grant x,y,x on default.* to default@localhost identified by 'password';
This would then be updated by eZ if the system changes and need to add tables etc etc.
Friday 30 May 2003 5:07:30 am
I'd say
grant select, insert, delete, update on EZPUBLISHDB.* to YOURUSER identified by 'PW'
should do the job for now.
Bård Farstad
Friday 30 May 2003 10:20:03 am
Exponential also needs to create temporary tables. Under the setup Exponential needs to be able to drop and create tables.
--bård
Documentation: http://ez.no/doc