Re: When to create a new user?
- Date: Sun, 23 Aug 2015 10:37:25 -0700
- From: Jan Steinman <Jan@xxxxxxxxxxxxxx>
- Subject: Re: When to create a new user?
> From: Richard Reina <gatorreina@xxxxxxxxx>
> I am writing a web application... As new users sign up for
> the application should each get their own MySQL username and password or is
> okay to execute their queries with the same (one generic) MySQL username
> and password?
As others have said, it sounds like one SQL user.
Think of MySQL users as "roles," rather than "users." Segregate these roles according to how much trust you have in the user behind the role, and how much damage that role could perform.
You may want a separate MySQL user that can only INSERT, for example, but without DELETE permission.
:::: Be a light, not a judge. Be a model, not a critic. Be part of the solution, not part of the problem. -- Stephen R. Covey
:::: Jan Steinman, EcoReality Co-op ::::
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/mysql