[Typo3-dev] Minor Db security idea
"Kasper Skårhøj"
kasper at typo3.com
Fri Oct 17 16:29:03 CEST 2003
This could already be done by a conditional statement in localconf.php:
if (TYPO3_MODE=="FE") {
$typo3_user_name = 'blablabla';
} else {
$typo3_user_name = 'blablabla_backend';
}
(or something like this)
God bless
- kasper
*********** REPLY SEPARATOR ***********
On 14-10-2003 at 16:26 Martin Kutschker wrote:
>Hi!
>
>Just a little idea:
>
>Use two instead of one DB user. One would be used for FE users the other
>for BE users. The DB user for FE users should not have write access to all
>tables/columns, it shouldn't have read access to some tables and limited
>rights for Mysql admin tasks.
>
>Of course it's up to the site admin to set the rights, but the installer
>could check against the Db rights and issue warnings.
>
>Perhaps security is enhanced a bit. If it's not too difficult to, it may
>be worth a try.
>
>Masi
>
>_______________________________________________
>Typo3-dev mailing list
>Typo3-dev at lists.netfielders.de
>http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev
God bless
- kasper
- kasper
-------------------- o ---------------------
>>> In God I trust - others pay cash! <<<
Check www.typo3.com
More information about the TYPO3-dev
mailing list