Database Reference
In-Depth Information
28
Managing Security
Database servers usually contain critical data, and ensuring the safety and integrity
of that data requires that access control be used. In this chapter you learn about
MariaDB access control and user management.
Understanding Access Control
The basis
of security for your MariaDB server is this: Users should have appropri-
ate access to the data they need, no more and no less . In other words, users should
not have too much access to too much data.
Consider the following:
Most users need to read and write data from tables, but few users will
ever need to be able to create and drop tables.
Some users might need to read tables but might not need to update
them.
You might want to allow users to add data but not delete data.
Some users (managers or administrators) might need rights to manipu-
late user accounts, but most should not.
You might want users to access data via stored procedures but never
directly.
You might want to restrict access to some functionality based on from
where the user is logging in.
These are just examples, but they help demonstrate an important point. You
need to provide users with the access they need and just the access they need.
This is known as access control , and managing access control requires creating
and managing user accounts.
Back in Chapter 3, “Working with MariaDB,” you learned that you need to
log in to MariaDB to perform any operations. When first installed, MariaDB
creates a user account named root that has complete and total control over
 
 
 
Search WWH ::




Custom Search