[Flow] Database security considerations
Adrian Föder
adrian at foeder.de
Tue Sep 3 15:54:35 CEST 2013
Hi List,
are there any best practices regarding the database security, for
example, having at least two users, one "application" user and one
"deployment" user, where the application user only has kind of INSERT;
DELETE; UPDATE privileges, while the deployment user has DROP, CREATE
etc permissions...
One problem I see is a distrinction between these two users, because the
Configuration framework doesn't allow different users for different
cases (except a "Deployment" or "Migration" context, maybe?)
Has anybody seen, in Doctrine, a listing of required permissions, for
example, is LOCK required?
And, what do you think about protecting particular columns at all for
the simple app user?
Thanks and best,
Adrian
More information about the Flow
mailing list