
Re: RFC: common database policy/infrastructure



> > > are these actual mysql/pgsql database users,
> > Yes.
> > > or users stored inside the gnumed database?
> > No.
> 
> well dbconfig-common can handle the creation of one user already, it'd
> probably be simplest to create that user, and use it to dole out other
> users+privileges.  that may mean that you'd have to do something in your
> bootstrap script to grant any extra privileges that the user would need
> to do so.
Well, but to grant extra rights to that user I'd have to
become a user with even more privileges - which is what we'd
want to avoid in the first place. If dbconfig-common is trying
to be helpful it needs to create the user with all the
necessary rights.

> > If dbconfig-common creates gm-dbowner (which is a database
> > owner intended to own all GnuMed database objects and which has
> > create-db and create-user rights) that would be enough. We
> > would then just rely on that and create "our" users/groups
> > under that account. dbconfig-common would just need to make
> > sure the "gnumed" database is created such that it is owned by
> > gm-dbowner.
> 
> i don't think the user is by default granted create user and create
> db rights, at least in mysql.  i'm really out of my area of expertise
> with pgsql, so it may be different there.
No, same thing.

> in mysql, at least, that
> would be of some concern to me as a sysadmin/dba that one of my database
> applications could potentially have full administrative access to
> all the databases on my system.
a) our applications don't use that user
b) the user only has create-database and create-user which
   means it can create new databases and delete databases
   owned by itself, same with users: create new ones and
   delete those created by itself
c) the user does not have administrative access to other
   databases
d) in fact, that user does not have "administrative" access at
   all in that that would be something generic, it only has
   the added rights to manage "its" databases/users

I don't think there's a real security concern there.

Karsten
-- 
GPG key ID E4071346 @ wwwkeys.pgp.net
E167 67FD A291 2BEA 73BD  4537 78B9 A9F9 E407 1346
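
The role setup discussed in this message, sketched for PostgreSQL as an added example (not part of the original e-mail, and not dbconfig-common's or GnuMed's own code). The role and database names are the ones used in the thread; the audit queries are an assumption about how an administrator might verify the result.

```sql
-- One-time step, run as a PostgreSQL superuser (the step the thread wants the
-- packaging tool to perform). Names come from the thread; the rest is illustrative.

-- Owner role: may create databases and roles, but is explicitly not a superuser.
-- Authentication (password, pg_hba.conf) is configured separately.
CREATE ROLE "gm-dbowner" LOGIN NOSUPERUSER CREATEDB CREATEROLE;

-- The application database is owned by that role from the start.
CREATE DATABASE gnumed OWNER "gm-dbowner";

-- Audit 1: confirm the role carries only the intended attributes.
-- Expected: rolcreatedb and rolcreaterole true, every other flag false.
SELECT rolname, rolsuper, rolcreatedb, rolcreaterole,
       rolreplication, rolbypassrls
FROM pg_roles
WHERE rolname = 'gm-dbowner';

-- Audit 2: list every database the role owns, so unexpected ownership
-- (databases it created later) shows up in a routine review.
SELECT d.datname
FROM pg_database d
JOIN pg_roles r ON r.oid = d.datdba
WHERE r.rolname = 'gm-dbowner';

-- Audit 3: list role memberships in which gm-dbowner is the grantor,
-- i.e. the users/groups it has been handing out.
SELECT m.rolname AS member, g.rolname AS granted_role
FROM pg_auth_members am
JOIN pg_roles m  ON m.oid  = am.member
JOIN pg_roles g  ON g.oid  = am.roleid
JOIN pg_roles gr ON gr.oid = am.grantor
WHERE gr.rolname = 'gm-dbowner';

-- Note: how far CREATEROLE reaches over roles the holder did not create
-- differs between PostgreSQL versions; check the documentation for the
-- version actually deployed before relying on that boundary.
```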


