开发者

MySQL: Create a user for reading and another for writing?

I have been searching for this for a while and unable to find something useful.

Is it a good practice or even important to create 2 MySQL users, one for reading and then use that whenever I'm initiating a MySQL SELECT.

And on the other side, create another user for writing and use it wheneve开发者_开发问答r I'm doing an INSERT, UPDATE, DELETE, ...?

Would this help at anything for example if I'm writing and reading to the database at the same time?

Assume we're using InnoDB tables.


"good practice" is very hard to define - you've got a whole bunch of different things to trade off against each other.

I'm assuming that the database is being used as a back-end for some other system, and that your users don't have direct access to a SQL prompt. In that case, there are no real benefits to creating different MySQL users - it simply makes the front-end more complex, and an attacker who can reach the database and knows the "read-only" credentials almost certainly also knows the "read/write" credentials. From a security point of view, you should invest your time in network security of the database server, and secure storage of connection details.

From a concurrency point of view - two or more users reading and writing at the same time - you won't really gain anything either. This particular requirement is one of the things relational databases do very well, and I don't think it's affected at all by the permissions of the users - it's far more to do with whether you're using transactions, and how quickly your SQL executes.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜