The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ALL PRIVILEGES - Security Risk?

Discussion in 'Database Discussions' started by Crowley5150, Jan 27, 2011.

  1. Crowley5150

    Crowley5150 Registered

    Jan 27, 2011
    Likes Received:
    Trophy Points:
    Hi All,

    I'm quite new to cpanel (been using Pl*sk for the last several years and now made the change with a new hosting server).

    My question is this, I'm creating new databases for my customers websites (i'm a web developer) and the db/web user (ie, the account the website uses to access the database), so far as I can tell only really requires SELECT, INSERT, UPDATE and DELETE privileges.

    All of my research and searching through forums seems to suggest that almost everyone creates DB users with ALL PRIVILEGES.

    My question is, is there any additional security risks of allowing not only the above mentioned 4 privileges, but all of the others (INDEX, EXECUTE, DROP, ALTER, CREATE etc etc).

    If there isn't any additional risk, what benefit is there of selecting ALL PRIVILEGES over the above mentioned 4?

    Thanks in advance.

  2. cPanelDavidG

    cPanelDavidG Technical Product Specialist

    Nov 29, 2006
    Likes Received:
    Trophy Points:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    I'll confine my discussion to the creation of so-called virtual MySQL users (the MySQL user you create via the cPanel interface). Even if that user is completely compromised, it will be limited to just influencing databases it has permissions over.

    In more traditional database settings (as in, not web hosting), you will frequently see that some users can add to databases, but not remove anything from a database, or be able to update something but not insert new data etc. Given the sensitivity of data in these academic scenarios (often thought to be something like customer records), it makes sense for there to be different permissions for different users.

    In web hosting, it is almost always assumed the MySQL user will have all the 4 permissions you mention and some others. For example, software upgrades may require ALTERing the database structure and DROPping tables that are no longer needed. So you could run into unexpected issues with just those permissions just because so many application developers assume these database privileges are available.

    Now if you had, for example, a forum, then the forum software should have full privileges to the forum database. Now, if you had something else which should only read from that database and has no excuse to be writing/altering anything in it, then such a scenario would call for a separate database user with just SELECT privileges. However, in the realm of web hosting (unlike some of the more advanced database stuff out there) a scenario that would best be addressed with multiple database users would be considered a fringe case rather than a typical scenario.

    I'm sure some DBAs out there could provide more insight. I'm just providing my insight as someone who runs a lot of website software :).

Share This Page