On 3/24/03 10:37 AM, "R. Hannes Niedner" <[EMAIL PROTECTED]> wrote:
> On 3/24/03 7:41 AM, "Shawn P. Garbett" <[EMAIL PROTECTED]> wrote:
> > How can one allow a user to change their mysql password securely?
> >
> > If I do a grant update on the user table, then a user could change
> > anyone's password. I just want a user to be able to change their
> > password. Is this possible?
> >
> > Shawn
>
> One way of doing it is to wrap this functionality in your middleware (perl,
> php, java...). Then you can grant the database user used by the middleware
> update privileges on the whole user table and authorize the user identity
> f. E. via web form and let the user only change its own username after he
> successfully reproduced its own userid/password.

This defeats the purpose of using MySQL's user table to manage users and 
privileges. The middleware now has to keep somewhere a user/password combo, 
increasing the chance of a security leak. Now if the user hacks the 
middleware, then they have control of everyone's password.

There should be some way to allow a user of mysql to change their own 
password, without opening up security problems.

One of the principles of security is that of "least privilege". Meaning 
restrict a user to the least privileges required to do their work at the 
lowest level. MySQL offers a nice set of privilege control.

If user accounts are tracked in MySQL and a user hacks the middleware, then 
they still can't wreak much havoc. This is because their user/password combo 
is very limited in what it can do. Now on the converse if they had a widely 
privileged database user controlling the middleware, the sky is the limit.

Shawn
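As an added example (not part of the thread): the over-broad grant the question describes, beside a least-privilege arrangement for the same account, using MySQL's own SET PASSWORD statement, which without a FOR clause affects only the caller's account; the thread itself does not mention it. It assumes a MySQL 5.7-era server and constructed names ('alice'@'localhost', app_db).

```sql
-- Added example, not code from the thread. Constructed account and
-- database names; assumes MySQL 5.7-era syntax.

-- WEAK: UPDATE on the privilege table itself covers every row, so alice
-- could rewrite any account's password hash, not only her own.
CREATE USER 'alice'@'localhost' IDENTIFIED BY 'initial-pw';
GRANT UPDATE ON mysql.user TO 'alice'@'localhost';

-- LEAST PRIVILEGE: take that back and grant only what her application needs.
REVOKE UPDATE ON mysql.user FROM 'alice'@'localhost';
GRANT SELECT, INSERT, UPDATE ON app_db.* TO 'alice'@'localhost';

-- Check: the output should list only USAGE ON *.* and the app_db grant.
SHOW GRANTS FOR 'alice'@'localhost';

-- Run while connected as alice: no FOR clause, so this changes only the
-- current session's own account and needs no privilege on mysql.user.
SET PASSWORD = PASSWORD('new-secret');
-- MySQL 8.0 form (the PASSWORD() function was removed there):
-- SET PASSWORD = 'new-secret';

-- The FOR form names another account and requires CREATE USER or UPDATE
-- on the mysql database, which alice no longer has, so it is refused:
-- SET PASSWORD FOR 'bob'@'localhost' = PASSWORD('x');   -- ERROR: access denied
```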

-- 
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/[EMAIL PROTECTED]