14 Apr
2014
14 Apr
'14
7:17 p.m.
Hello,
Giving "ALL PRIVILEGES" doesn't give the GRANT option, so basically, if you
run this command, it will give xwiki user all the rights, but to that one
only. Beyond that, I don't see how the reload privilege could be dangerous
at all to give.
The only way to make it more secure is to grant the rights for every
database, one by one.
We used to meet people having issues during wikis creations, because of
lack of privileges, that's why the documentation directly advise to give
all privileges to everything. So of course, you can also pick the exclusive
rights you want to grant, but since you need to do that for every database,
it may be a bit long.
Good luck
Guillaume
2014-04-14 9:43 GMT+02:00 Martin Hamant <mh(a)ow2.org>rg>:
Hi,
It is mentioned in the documentation "Give all privileges to the xwiki
user for accessing and creating databases" - because the user to be able to
create additional databases for sub-wikis ; but isn't it a little pushy to
give *all* the privileges (Grant, reload...) to the xwiki user ?
How could I secure the xwiki mysql user account a little more ?
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users