Results 1 to 4 of 4
  1. 25 Aug 2014, 08:16 PM #1
    EricRas
    EricRas is offline New Zenner
    Join Date
    Aug 2012
    Location
    Brigham City, UT
    Posts
    32
    Plugin Contributions
    0

    Default Database user in configure.php

    Can someone clarify for me what database privileges the user entered in the configure.php file should have?

    SELECT, INSERT, UPDATE....anything more than that?

    Eric
    Reply With Quote Reply With Quote
  2. 25 Aug 2014, 09:23 PM #2
    EricRas
    EricRas is offline New Zenner
    Join Date
    Aug 2012
    Location
    Brigham City, UT
    Posts
    32
    Plugin Contributions
    0

    Default Re: Database user in configure.php

    I guess I should clarify...

    There are two configure.php files, one for the store and one for admin. They could (and maybe should) have two different database users defined in the connection info.

    Can the store's configure.php db user be limited to SELECT, INSERT and UPDATE?
    And, should the admin configure.php db user have all privileges?
    Reply With Quote Reply With Quote
  3. 25 Aug 2014, 09:54 PM #3
    lat9's Avatar
    lat9
    lat9 is offline Administrator
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    12,478
    Plugin Contributions
    88

    Default Re: Database user in configure.php

    Quote Originally Posted by EricRas View Post
    I guess I should clarify...

    There are two configure.php files, one for the store and one for admin. They could (and maybe should) have two different database users defined in the connection info.

    Can the store's configure.php db user be limited to SELECT, INSERT and UPDATE?
    And, should the admin configure.php db user have all privileges?
    Certainly, the admin user should have all privileges; is there a reason that you're looking to limit the access on the store-side? At a minimum, without doing an exhaustive search, the store-side needs to be able to "DELETE" rows from tables. I understand the security focus, but I think that you're opening yourself up to a world of hurt in the future when you add plugins that might do "other things".
    My website
    Reply With Quote Reply With Quote
  4. 25 Aug 2014, 11:29 PM #4
    frank18
    frank18 is offline Deceased
    Join Date
    Nov 2007
    Location
    Sunny Coast, Australia
    Posts
    3,379
    Plugin Contributions
    9

    Default Re: Database user in configure.php

    Quote Originally Posted by lat9 View Post
    ....but I think that you're opening yourself up to a world of hurt in the future when you add plugins that might do "other things".
    Nods in agreement
    Reply With Quote Reply With Quote
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. upgrade of database, use of configure.php
    By torvista in forum Upgrading to 1.5.x
    Replies: 4
    Last Post: 9 Sep 2011, 09:13 PM
  2. How to set right user permisssons configure.php file?
    By ngocnguyen in forum Basic Configuration
    Replies: 14
    Last Post: 18 Jul 2009, 04:02 PM
  3. database password encryption on configure.php files
    By tj1 in forum General Questions
    Replies: 2
    Last Post: 24 Jun 2006, 06:28 AM
  4. Tool to synchronize database and configure.php
    By jayson.gurney in forum General Questions
    Replies: 0
    Last Post: 24 May 2006, 01:59 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR
Content and Graphics Copyright (c) 2003 - 2024 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC