WampServer
Apache, PHP, MySQL
on Windows
why new user other than root@localhost
Posted by:
joffy
(202.72.100.---)
Date: October 02, 2007 11:57AM
Is it beneficial that I create a new user other than the root user for a database? if so why? I am using one database for a club and all this is very new to me so i am trying to work out why and if i should create another user. any help will much appreciated.
joffy
joffy
Re: why new user other than root@localhost
Posted by:
CyberSpatium
(---.hsd1.or.comcast.net)
Date: October 30, 2007 07:16PM
a root user can do anything with your databases and data. if your server gets hack or someone runs an sql injection attack they can do whatever they want if they get your data. access it, change it, steal it, delete it, and more.
if you store personal information from your customers, then the hackers could get whatever is stored there. credit card info, social security numbers, addresses, user names, passwords, etc. they could also delete all your data, or even add their own data so they could access your website, and even access it with admin level privileges.
so, you need to create a new user who only has permissions to select, and insert privileges to your database.
CyberSpatium
----------------------
WAMP English Forum Admin
I have WAMP5 working with (for development use only):
Windows Vista Ultimate x64 (64 bit)
Kaspersky Internet Security Suite 7.0.x
Spyware Terminater 2.x
CounterSpy 2.5.x
Need help? Check out my WAMP User Manual/Guide here!
Web Development for Newbie's Blog - Check out my new blog. It is for web developers, and especially tailored for the web development newbie. If you are not fluent in geek speak, then this incredible resource is just you. And even if you are a web development pro, this is a great resource to check out some of the latest web development tips, news, tutorials, codes and more.
if you store personal information from your customers, then the hackers could get whatever is stored there. credit card info, social security numbers, addresses, user names, passwords, etc. they could also delete all your data, or even add their own data so they could access your website, and even access it with admin level privileges.
so, you need to create a new user who only has permissions to select, and insert privileges to your database.
CyberSpatium
----------------------
WAMP English Forum Admin
I have WAMP5 working with (for development use only):
Windows Vista Ultimate x64 (64 bit)
Kaspersky Internet Security Suite 7.0.x
Spyware Terminater 2.x
CounterSpy 2.5.x
Need help? Check out my WAMP User Manual/Guide here!
Web Development for Newbie's Blog - Check out my new blog. It is for web developers, and especially tailored for the web development newbie. If you are not fluent in geek speak, then this incredible resource is just you. And even if you are a web development pro, this is a great resource to check out some of the latest web development tips, news, tutorials, codes and more.
Sorry, only registered users may post in this forum.
