Demote root?
We have a MySQL 5.5.14 instance that was built poorly from a security perspective.
There are multiple PHP web applications that access their databases using the root account. We are planning a new application that will contain a database with sensitive data. We can set up a new user for the sensitive database, but there is concern that a hacker going through one of the other applications using the root account (which has global access to all data) can hack into the sensitive data.
One solution proposed was to create a new user with full global access for administration purposes, grant root database-level access to the existing databases for the existing applications, then remove the global priviliages for root.
Is this a viable solution? Is it particularly difficult or risky? (I'm a MSSQL dba who pokes around in MySQL when needed.) Is there an existing tutorial that descibes the steps to do this in detail?
Thanks in advance.
Subject
Written By
Posted
Demote root?
May 27, 2014 12:12PM
Sorry, you can't reply to this topic. It has been closed.
Content reproduced on this site is the property of the respective copyright holders.
It is not reviewed in advance by Oracle and does not necessarily represent the opinion
of Oracle or any other party.