[TYPO3-dev] Improvement against SQL injections
ries van Twisk
typo3 at rvt.dds.nl
Sat Jun 16 15:19:30 CEST 2007
One problem with
two DB users (now I think of it)
os that may be that some hosters doesn't allow you to setup
two users for one database. I am not sure since I never
use a hoster to host my websites.
I remember that once I have seen plesk and that is just a
big pain in the arse to get things done.
Somebody know more about that?
RIes
On Jun 16, 2007, at 6:43 AM, Lars Houmark wrote:
> On 16/06/07 10:36, in article
> mailman.1.1181982984.8848.typo3-dev at lists.netfielders.de, "Martin
> Kutschker"
> <martin.kutschker-n0spam at no5pam-blackbox.net> wrote:
>
>> Use two DB uses: one is for the BE and has full write access. The
>> other
>> for the FE has only read access to tables like be_users (or no
>> access at
>> all!). If you want to can tune the permissions down to column level.
>>
>> Masi
>
> Again. This demands for the end user to set it up correctly. By
> having the
> checksum method, we ensure that TYPO3 is running safely. Thin about
> all the
> simple webhotel users which do not have any access to doing such smart
> things...
>
> - Lars
>
> _______________________________________________
> TYPO3-dev mailing list
> TYPO3-dev at lists.netfielders.de
> http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-dev
More information about the TYPO3-dev
mailing list