On 14/04/2014 19:17, Guillaume Fenollar wrote:
Hello,
Giving "ALL PRIVILEGES" doesn't give the GRANT option, so basically, if
you run this command, it will give the xwiki user all the rights, but to
that one only. Beyond that, I don't see how the reload privilege could be
dangerous at all to give.
The only way to make it more secure is to grant the rights for every
database, one by one.
We used to meet people having issues during wiki creation because of a
lack of privileges; that's why the documentation directly advises giving
all privileges on everything. So of course, you can also pick the specific
rights you want to grant, but since you need to do that for every database,
it may be a bit long.
Hi Guillaume,
You are right about ALL PRIVILEGES. I think I should have detailed the
background that led me to write the initial post. My concern is more
about human error than security, and indeed the fact that the xwiki user
can alter *any* database: the other day I installed another xwiki
instance using the same mysql user as another instance on the
server... but I did something wrong, which was using the same database
name, 'xwiki' by default. So when I started the app, it upgraded all
the sql schemas of all the databases of the other xwiki farm :)
So, now I have learned the following lessons:
- I will never use GRANT PRIVILEGES ON *.* for the xwiki mysql user.
- I will tend not to share a single xwiki mysql user across multiple
xwiki instances.
That may sound logical but I wanted to share my experience ;)
Here is my current setup:
Let's say I want to setup a xwiki farm called "foo". I'd call my xwiki
mysql user "uxwikifoo" and set a custom prefix to the databases that
xwiki will handle.
xwiki.cfg:
xwiki.db=main
xwiki.db.prefix=xwikifoo_
With the following grant statement:
grant all privileges on `xwikifoo\_%`.* to `uxwikifoo`@`localhost`;
Now I am sure that the user 'uxwikifoo' is isolated and will never be used
to potentially destroy/read/alter another database, whether that be human
error or attack.
From my point of view, at initial installation time the db
configuration could be done from the web UI assistant instead of editing
the hibernate file. It could also warn that "the following databases
already exist and are going to be upgraded/destroyed". Overall I feel
there could be improvements like that to be implemented in the
installation process / assistant of xwiki.
Cheers !
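As an added example (not part of the thread or of XWiki itself), a small Python check in the spirit of the setup above: it parses constructed `SHOW GRANTS` output, flags privileges granted on `*.*` or `WITH GRANT OPTION`, and evaluates the MySQL LIKE pattern `xwikifoo\_%` to show which database names the user can reach (the `xwikifoo_` databases) and which it cannot (another farm's default `xwiki`). The grant lines, user names and database names are constructed samples.

```python
import re

# Constructed sample of SHOW GRANTS output for the prefix-scoped user (illustrative, not real output).
SCOPED_GRANTS = [
    "GRANT USAGE ON *.* TO `uxwikifoo`@`localhost`",
    "GRANT ALL PRIVILEGES ON `xwikifoo\\_%`.* TO `uxwikifoo`@`localhost`",
]
# Constructed sample for the "all privileges on everything" setup the thread warns about.
GLOBAL_GRANTS = ["GRANT ALL PRIVILEGES ON *.* TO `xwiki`@`localhost` WITH GRANT OPTION"]

GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<db>\*|`[^`]+`)\.(?P<tbl>\*|`[^`]+`)"
    r"\s+TO\s+\S+(?P<opt>\s+WITH GRANT OPTION)?$",
    re.IGNORECASE,
)

def like_to_regex(pattern):
    """MySQL LIKE pattern (as stored in mysql.db) -> anchored regex:
    '%' = any run, '_' = any one char, backslash escapes either."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):
            out.append(re.escape(pattern[i + 1]))
            i += 2
            continue
        out.append(".*" if ch == "%" else "." if ch == "_" else re.escape(ch))
        i += 1
    return re.compile("^" + "".join(out) + "$")

def db_in_scope(pattern, dbname):
    """True if a database-level grant on `pattern` reaches `dbname`."""
    return like_to_regex(pattern).match(dbname) is not None

def audit(grant_lines):
    """Flag global privileges and GRANT OPTION, and collect database patterns."""
    report = {"global_privs": [], "grant_option": False, "db_patterns": []}
    for line in grant_lines:
        m = GRANT_RE.match(line.strip().rstrip(";"))
        if not m:
            raise ValueError("unparsed grant line: " + line)
        if m.group("opt"):
            report["grant_option"] = True
        if m.group("db") == "*":
            if m.group("privs").upper() != "USAGE":  # USAGE on *.* only means "may log in"
                report["global_privs"].append(m.group("privs").upper())
        else:
            report["db_patterns"].append(m.group("db").strip("`"))
    return report
```

Run `audit()` over the real `SHOW GRANTS FOR 'uxwikifoo'@'localhost'` output to confirm the user has nothing on `*.*` beyond USAGE, and `db_in_scope()` to confirm the pattern does not reach other farms' databases.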