Snort mailing list archives
Re: Acid / MySQL question
From: "Sean Wheeler" <S.Wheeler () netprotect ch>
Date: Fri, 9 Nov 2001 09:47:00 +0100
Another option : Scenario : Multiple Sensors managed by different IT depts using a central MySQL Server. On the MySQL server, create a DB for each group of sensors within each dept. Create a user account for each DB. Setup sensors accordingly Webserver uses virutal hosts..i.e 1 per dept and setup accordingly Result : Each Dept now only has access to their Database regards Sean ----- Original Message ----- From: "Thomas Whipp" <tkw () objectronix co uk> To: <lance () honeynet org> Cc: <snort-users () lists sourceforge net> Sent: Thursday, November 08, 2001 6:27 PM Subject: RE: [Snort-users] Acid / MySQL question
To be honest I'm not convinced of the benfifit of multiple user accounts for MySQL - you can't do row level permissions so you don't really gain anything. Perhaps if you where doing stuff with oracle then it would make sense. If you wanted to be really paranoid you could tie the permissions down even more - perhaps limiting select to only those tables/columns that are really necissary. However, if you dont want to have to redo the permissions list every time a database code change accesses another column then provided that you restict operations to select and insert then its not possible to delete or overwrite data and thats probably good enough. All privs is bad as it includes the right to drop tables and may include process level privs (i.e. the ability to remotely shut down the MySQL instance). Tom _______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
_______________________________________________ Snort-users mailing list Snort-users () lists sourceforge net Go to this URL to change user options or unsubscribe: https://lists.sourceforge.net/lists/listinfo/snort-users Snort-users list archive: http://www.geocrawler.com/redir-sf.php3?list=snort-users
Current thread:
- Acid / MySQL question Lance Spitzner (Nov 08)
- Re: Acid / MySQL question Guillaume (Nov 08)
- <Possible follow-ups>
- RE: Acid / MySQL question Steve Halligan (Nov 08)
- Re: Acid / MySQL question dan . forthun (Nov 08)
- RE: Acid / MySQL question Chris Eidem (Nov 08)
- RE: Acid / MySQL question Thomas Whipp (Nov 08)
- RE: Acid / MySQL question Aaron (Nov 08)
- Re: Acid / MySQL question Sean Wheeler (Nov 09)
- RE: Acid / MySQL question Thomas Whipp (Nov 09)