Problem with limited MySQL user and s9y
Posted by Wesley on
MySQL documentation gives some examples of creating users in MySQL. Among the examples are creating users that only have access to a specific database, or 'tied-to-database', as I say. This is preferred from a security standpoint because you can avoid using root to access services like s9y and use this 'limited' user instead. Let's look at one of the examples in there.
This is supposed to create a user called 'custom' on the 'localhost' domain that has the password of 'obsecure' and can only access 'bankaccount' database. Now this looks alright, but it poses a bit of problem with s9y.
Continue reading "Problem with limited MySQL user and s9y"
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON bankaccount.* TO 'custom'@'localhost' IDENTIFIED BY 'obscure';
This is supposed to create a user called 'custom' on the 'localhost' domain that has the password of 'obsecure' and can only access 'bankaccount' database. Now this looks alright, but it poses a bit of problem with s9y.