[Snort-users] Snort With Base Access Without Delete
jeff-kell at ...6282...
Wed May 12 10:41:13 EDT 2010
On 5/11/2010 5:15 PM, Galley, Daniel wrote:
> One way to do this would be to create another DB user that only has read
> privileges on the tables. Then make a copy of your base folder and edit
> the configuration to use this read-only DB user instead of the standard
> DB user. Give your helpdesk login rights to this instance of BASE and
> not the other. Does that make sense?
IIRC, you need "some" rights for BASE to function. I tried adding a
read-only user, but you have to write the cache entries and post-indexed
items which BASE normally does on each page update (e.g., Added 'xx'
alerts to the alert cache).
You can even try doing reduced SQL GRANTs to a second user, but I never
quite got the right combination without hosing some functionality.
If anyone succeeds, there is certainly an audience of at least two now
for that ability. :-)
More information about the Snort-users