I am enquiring as to the *minimum* privileges required by the RoundCube user
to access the backend SQL (MariaDB) Server.
I am going to assume - and please correct me if I am wrong - that the
*required* privileges are:
* DELETE, INSERT, SELECT, and UPDATE
Yes you are right. I am using socket auth instead of having a SQL password.
This way there is no password to leak in config files. And it successfully
runs with only the 4 permissions.
CREATE USER apache@localhost IDENTIFIED VIA unix_socket;
GRANT SELECT, INSERT, UPDATE, DELETE ON roundcube.* TO apache@localhost;
_______________________________________________
Users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
