On Tue, Feb 26, 2013 at 10:26 AM, Dennis Lee Bieber <wlfr...@ix.netcom.com> wrote:
> On Mon, 25 Feb 2013 17:35:44 +1100, Chris Angelico <ros...@gmail.com>
> declaimed the following in gmane.comp.python.general:
>> It may take a lot of work to get the permissions down to their
>> absolute minimum, but one easy "half-way house" would be to create a
>> read-only user - SELECT permission on everything, no other perms. Not
>> applicable to all situations, but when it is, it's an easy way to
>> manage the risk of compromise.
>>
> I think I'd recommend that even this read permission be limited to
> the tables required by the application... Wouldn't want someone to
> "accidentally" read the database user account tables, would we?
Of course; once you have the concept of divided access levels, you can take it wherever you like. But some systems don't even HAVE "database user account tables" as such; look at this site:

http://rosuav.com/1/

That's an old PHP-based site of mine, originally done in MySQL, now using PostgreSQL but not as yet moved off PHP. In index.php, the database connection has read-only access; there's a separate page that lets me log in using higher database credentials, and thus gain the power to add/edit entries. It's fine for the read-only user to have access to every table, because there's really only one table (not counting statistics).

ChrisA
--
http://mail.python.org/mailman/listinfo/python-list
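The split the thread describes (a SELECT-only role for the public page, limited to the tables it needs, and a separate higher-privileged role for the login-protected edit page) as it would be set up in PostgreSQL. This is an added example, not code from the thread or from ChrisA's site; the role names `site_reader` and `site_editor`, the tables `entries` and `accounts`, and the passwords are hypothetical placeholders.

```sql
-- Added example (not from the thread). Assumes a PostgreSQL database whose
-- public schema holds "entries" (page content) and "accounts" (credentials).
-- All names and passwords below are hypothetical; replace the placeholders.

-- Deny by default: strip the implicit grants every role inherits via PUBLIC.
REVOKE ALL ON SCHEMA public FROM PUBLIC;
REVOKE ALL ON ALL TABLES IN SCHEMA public FROM PUBLIC;

-- Role used by index.php: may read the content table and nothing else.
CREATE ROLE site_reader LOGIN PASSWORD 'placeholder-change-me';
GRANT USAGE ON SCHEMA public TO site_reader;
GRANT SELECT ON entries TO site_reader;
-- Deliberately no grant on "accounts": a compromise of the read-only
-- connection cannot reach the credential table at all.

-- Role used only by the separate, login-protected edit page.
CREATE ROLE site_editor LOGIN PASSWORD 'placeholder-change-me';
GRANT USAGE ON SCHEMA public TO site_editor;
GRANT SELECT, INSERT, UPDATE, DELETE ON entries TO site_editor;
-- Needed if "entries" uses a serial/identity column for its key.
GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO site_editor;

-- Verify the outcome instead of trusting the grants: each row should show
-- the reader limited to SELECT on "entries" and shut out of "accounts".
SELECT r.rolname,
       has_table_privilege(r.rolname, 'entries',  'SELECT') AS read_entries,
       has_table_privilege(r.rolname, 'entries',  'UPDATE') AS edit_entries,
       has_table_privilege(r.rolname, 'accounts', 'SELECT') AS read_accounts
FROM pg_roles AS r
WHERE r.rolname IN ('site_reader', 'site_editor');
```

Two caveats worth knowing: `GRANT ... ON entries` covers only tables that already exist, so a table added later gets no access until it is granted explicitly (or `ALTER DEFAULT PRIVILEGES` is configured for the owner), and the `REVOKE ... FROM PUBLIC` step matters because PostgreSQL otherwise lets every role create objects in `public`, which would undercut the read-only intent.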