MySQL Forums
Forum List  »  Install & Repo

Demote root?
Posted by: Dan Carvin
Date: May 27, 2014 12:12PM

We have a MySQL 5.5.14 instance that was built poorly from a security perspective.

There are multiple PHP web applications that access their databases using the root account. We are planning a new application that will contain a database with sensitive data. We can set up a new user for the sensitive database, but there is concern that a hacker going through one of the other applications using the root account (which has global access to all data) can hack into the sensitive data.

One solution proposed was to create a new user with full global access for administration purposes, grant root database-level access to the existing databases for the existing applications, then remove the global priviliages for root.

Is this a viable solution? Is it particularly difficult or risky? (I'm a MSSQL dba who pokes around in MySQL when needed.) Is there an existing tutorial that descibes the steps to do this in detail?

Thanks in advance.

Options: ReplyQuote


Subject
Written By
Posted
Demote root?
May 27, 2014 12:12PM
June 01, 2014 09:39PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.