On Aug 23, 2007, at 11:50 AM, David T. Ashley wrote:

On 8/23/07, Jason Pruim <[EMAIL PROTECTED]> wrote:

I am planning on having the database open to customers of mine to
store their mailing addresses on-line, and be able to manage the
records.

Is it safe, to have 1 database with lots of tables? Or am I safer
setting up separate databases for everyone?

I should mention, no one will be accessing the database directly,
it'll be through a web interface and php to display it.


Assuming that the web server runs on the same box as the MySQL daemon ... you want to firewall the server so that nobody can connect to the MySQL daemon directly from outside the box. It is also a bad idea to allow the users to have shell accounts on that box unless you have taken additional security precautions (specifically, being sure the MySQL userid/password you're using are secure from all but the web server UID/GID, and that no other userid/passwords have access to the database you're using).

Once that is done, all access to the database is controlled by the PHP
scripts, and there is no security advantage to having multiple databases.

I'm assuming that users have to log in individually (jsmith, bjones, etc.) and that the PHP scripts then carefully control what each user is allowed to
modify.

I'm also going to assume that you've handled all the obvious technology
issues, such as:

a) Database transactions/atomic actions.

b) Terminating TCP connections and ensuring that each PHP script runs to completion, anyway, and that the database isn't left in an indeterminate state due to this.

Dave.

The server is currently firewalled to block all but the necessary ports from outside the local network.

No user, other than myself and a few admins on the server, will have shell access...

The MySQL userid/password will be changed once I go live with it, or get into the final testing.

What do you mean by "b"? If all the connections come from the local box how could I configure that to make sure it's all set up so it won't leave the database all messed up?



--

Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
[EMAIL PROTECTED]



--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]
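
An added example, not part of the original thread: one way a PHP script can enforce the per-customer control and the atomic updates discussed above when all customers share one database. Table and function names are hypothetical, and an in-memory SQLite database stands in for MySQL so the block runs offline.

```php
<?php
declare(strict_types=1);
// Added example. Table and function names are hypothetical; SQLite in memory
// stands in for MySQL/InnoDB so the block runs offline.

ignore_user_abort(true); // a dropped browser connection does not stop the script mid-update

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE addresses (id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, street TEXT NOT NULL)');
$pdo->exec('CREATE TABLE audit_log (address_id INTEGER NOT NULL, owner_id INTEGER NOT NULL, old_street TEXT NOT NULL)');
// Constructed sample rows: one address each for customers 1 and 2.
$pdo->exec("INSERT INTO addresses (owner_id, street) VALUES (1, '1 Constructed St'), (2, '2 Sample Ave')");

// $ownerId must come from the server-side login session, never from the request.
function updateStreet(PDO $pdo, int $ownerId, int $addressId, string $street): bool
{
    $pdo->beginTransaction();
    try {
        // Ownership check: a row that belongs to another customer is simply not found.
        $sel = $pdo->prepare('SELECT street FROM addresses WHERE id = ? AND owner_id = ?');
        $sel->execute([$addressId, $ownerId]);
        $old = $sel->fetchColumn();
        $sel->closeCursor();
        if ($old === false) {
            $pdo->rollBack();
            return false;
        }
        // Both writes commit together or not at all.
        $pdo->prepare('INSERT INTO audit_log (address_id, owner_id, old_street) VALUES (?, ?, ?)')
            ->execute([$addressId, $ownerId, $old]);
        $pdo->prepare('UPDATE addresses SET street = ? WHERE id = ? AND owner_id = ?')
            ->execute([$street, $addressId, $ownerId]);
        $pdo->commit();
        return true;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        throw $e;
    }
}

var_dump(updateStreet($pdo, 1, 1, '10 New Rd'));  // customer 1 edits their own row
var_dump(updateStreet($pdo, 1, 2, 'overwrite'));  // customer 1 targets customer 2's row
var_dump($pdo->query('SELECT street FROM addresses WHERE id = 2')->fetchColumn());
```

On MySQL the tables need a transactional engine such as InnoDB. A script that dies before commit() leaves its transaction uncommitted, and the server rolls it back when the connection closes.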
