[development] Temporary database credentials

Neil Drumm drumm at delocalizedham.com
Thu Jan 26 01:40:04 UTC 2006

Chris Johnson wrote:
> Allie Micka wrote:
>> Like many hosting providers, we grant full access to databases for 
>> site administrators, and we create a separate, rights-limited user for 
>> each database.
>> This is a great idea until it's time to run update.php.   It really 
>> should detect that I don't have DROP, ALTER, etc; but instead it just 
>> fails badly.
>> What I've been doing is editing settings.php to replace the 
>> credentials in $db_url, running update.php, and then re-editing the 
>> file.  I'm sure that most of our users are just leaving things as-is, 
>> which is bad for many reasons.
>> It would be nice to have a place to enter some temporary credentials, 
>> stored in $_SESSION and disposed of when the user logs out.
> Great idea, Allie.  This would be a good step towards improved security 
> as well as more reliable updates.  I believe update.php should 
> definitely check that it can issues ALTER, DROP, etc. if at all possible 
> before trying to update tables.

This is an excellent idea. It would be a nice addition to the database API.

I looked at the MySQL documentation for a bit and didn't notice anything 
particularly useul. SHOW GRANTS shows things for the current user, but 
not inherited permissions. And the output is in multiple rows of strings 
that have to be parsed.

How are things looking on Postgres and SQLite?

Neil Drumm

More information about the development mailing list