Providing MySQL users with just the minimum privileges

前端 未结 3 549
北海茫月
北海茫月 2021-02-12 12:56

For a web application, when creating the user which will connect to the MySQL database, you have the choice of privileges. Assuming that the only actions intended to be done by

3条回答
  •  广开言路
    2021-02-12 13:56

    There are other privileges that a user might need during an ordinary application, for example:

    • CREATE TEMPORARY TABLE
    • EXECUTE (stored procedures)
    • FILE (for SELECT INTO and LOAD DATA)
    • LOCK TABLES

    There's also the possibility that minimal privileges could mean only SELECT on certain tables, and only SELECT and UPDATE on other tables, etc. This is subject to change any time the application's functionality is enhanced. And there are weird cases, like the need to have SELECT privilege on a table you never query, because it's referenced by the foreign keys in a table you UPDATE. So tracking minimal privileges is a royal pain.

    What are you trying to restrict by using SQL privileges? You're the one who wrote all the code, so managing SQL privileges at a fine granularity shouldn't be necessary. Frankly, if your users are able to upload and run SQL statements that you haven't vetted, you have bigger problems:

    SELECT * FROM mytable, mytable, mytable, mytable, mytable ORDER BY 1;
    

    The real tasks you want to govern aren't at the database level, they're at the application business level. For example, a CMS has operations like create a page, edit a page, administer comments, etc. These tasks are higher-level than SQL privileges. You could mimic them with SQL roles (which are groups of privileges), but SQL roles aren't widely supported.

    I don't know anyone who maps their application users to distinct MySQL users. They're users you authenticate in your application, after the app has connected to the database (the users are just rows of data in the database).

    So you're probably better off having your web app use a single MySQL user with full privileges.

提交回复
热议问题