[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] MySQL Configuration for RaQ Virtual Sites
- Subject: Re: [cobalt-users] MySQL Configuration for RaQ Virtual Sites
- From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
- Date: Thu Nov 29 08:36:13 2001
- Organization: Befriend Internet Services LLC
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
"Jim Scott" <cobaltlist@xxxxxxxxxxxx> wrote:
> What needs to be done on a RAQ server to allow virtual sites access to
> adding databases. I have installed MySQL and have allowed root access to
> make changes and add databases but I am not sure what the best way to
> achieve allowing individual sites on the same server MySQL access.
>
> How is this done? Want to make sure I am keeping security of other
databases
> hidden and allow admins of the sites to create MySQL databases.
This isn't possible in the MySQL access privilege system without allowing
your site admins to have grant privileges. Grant privileges will allow them
to delete databases that aren't theirs and edit others' databases so I don't
advise doing it. The MySQL root user should be used to create databases and
I recommend doing the following for each site that needs access to MySQL.
1. Create a single MySQL db for the site.
2. Create a MySQL user with *no* privileges in the mysql user table.
3. Configure the MySQL user with all privileges except grant privileges in
the mysql db table.
4. If necessary create an additional db and repeat steps 2 and 3 as
appropriate.
The majority of sites requiring MySQL access do not need multiple databases.
If your customers do that is fine, but giving them privileges to create
databases opens up a can of worms.
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/