Can someone clarify for me what database privileges the user entered in the configure.php file should have?
SELECT, INSERT, UPDATE....anything more than that?
Eric
Can someone clarify for me what database privileges the user entered in the configure.php file should have?
SELECT, INSERT, UPDATE....anything more than that?
Eric
I guess I should clarify...
There are two configure.php files, one for the store and one for admin. They could (and maybe should) have two different database users defined in the connection info.
Can the store's configure.php db user be limited to SELECT, INSERT and UPDATE?
And, should the admin configure.php db user have all privileges?
Certainly, the admin user should have all privileges; is there a reason that you're looking to limit the access on the store-side? At a minimum, without doing an exhaustive search, the store-side needs to be able to "DELETE" rows from tables. I understand the security focus, but I think that you're opening yourself up to a world of hurt in the future when you add plugins that might do "other things".
Bookmarks