Last post Nov 01, 2011 09:49 AM by Riddik
Oct 31, 2011 01:19 PM|Riddik|LINK
I would like to know what is the best practice to connect to DB in context of user account? I have just one account in my DBMS that has full admin permissions. So i use this account to connect to DB from my site. All restrictions/access are defined programmatically.
Is it ok or it is better to use several accounts with different previlliges?
Oct 31, 2011 01:27 PM|vytautas.ziurlis|LINK
First of all - if you're using single account, don't give it full permissions. For example - the user your're using might not need DROP permission, i.e. you should give only bare minimum.
In general it would be more secure to use different users, however this is often quite difficult to implement.
Oct 31, 2011 04:54 PM|Horizon_Net|LINK
I agree with the post above. You should never give full permissions to a user (just the minimum the user needs). And for different approaches you should have different roles (and then add the users to the appropriate roles). You shouldn't work directly with
user permissions, but rather with role permissions.
Nov 01, 2011 09:49 AM|Riddik|LINK
Thanks you guys!
This is just best practice and i guess it is rahter diffucult to use different user.