[Snort-users] Acid / MySQL question

Thomas Whipp tkw at ...1885...
Thu Nov 8 09:28:03 EST 2001


To be honest I'm not convinced of the benfifit of multiple
user accounts for MySQL - you can't do row level permissions
so you don't really gain anything.  Perhaps if you where
doing stuff with oracle then it would make sense.

If you wanted to be really paranoid you could tie the
permissions down even more - perhaps limiting select to only
those tables/columns that are really necissary.

However, if you dont want to have to redo the permissions
list every time a database code change accesses another
column then provided that you restict operations to select
and insert then its not possible to delete or overwrite data
and thats probably good enough.

All privs is bad as it includes the right to drop tables and
may include process level privs (i.e. the ability to
remotely shut down the MySQL instance).


	Tom





More information about the Snort-users mailing list