We don't bite newbies here... much | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Also, do not allow your application to connect to the database as a rootly user, lest you run afoul of The Bobby Tables problem. (Yes, you would be astounded at just how many web-apps are out there, available to the general public, which do have the authority to issue a DROP TABLE command! Or, heh heh, GRANT ALL PRIVILEGES TO ...) Your application should connect with one or more application-specific IDs which practice the “principle of least privilege.” The MySQL system should be configured to consider, not only the user-name but also the IP-address that is making the connection. Each and every user-id should allow only the least amount of access required to do the job at hand, and, where possible, more than one such id should be used as appropriate. You may as well start dealing with these issues now. In reply to Re: MySql Access Denied
by sundialsvc4
|
|