On Aug 23, 2007, at 11:50 AM, David T. Ashley wrote:
> On 8/23/07, Jason Pruim <japruim@stripped> wrote:
>>
>> I am planning on having the database open to customers of mine to
>> store their mailing addresses on-line, and be able to manage the
>> records.
>>
>> Is it safe, to have 1 database with lots of tables? Or am I safer
>> setting up separate databases for everyone?
>>
>> I should mention, no one will be accessing the database directly,
>> it'll be through a web interface and php to display it.
>
>
> Assuming that the web server runs on the same box as the MySQL daemon ...
> you want to firewall the server so that nobody can connect to the MySQL
> daemon directly from outside the box. It is also a bad idea to allow the
> users to have shell accounts on that box unless you have taken additional
> security precautions (specifically, being sure the MySQL userid/password
> you're using are secure from all but the web server UID/GID, and that no
> other userid/passwords have access to the database you're using).
>
> Once that is done, all access to the database is controlled by the PHP
> scripts, and there is no security advantage to having multiple databases.
>
> I'm assuming that users have to log in individually (jsmith, bjones, etc.)
> and that the PHP scripts then carefully control what each user is allowed to
> modify.
>
> I'm also going to assume that you've handled all the obvious technology
> issues, such as:
>
> a) Database transactions/atomic actions.
>
> b) Terminating TCP connections and ensuring that each PHP script runs to
> completion, anyway, and that the database isn't left in an indeterminate
> state due to this.
>
> Dave.
The server is currently firewalled to block all but the necessary
ports from outside the local network.
No user, other than myself, and a few admins on the server will have
shell access...
The MySQL userid/password will be changed once I go live with it, or
get into the final testing.
What do you mean by "b"? If all the connections come from the local
box how could I configure that to make sure it's all set up so it
won't leave the database all messed up?
--
Jason Pruim
Raoset Inc.
Technology Manager
MQC Specialist
3251 132nd ave
Holland, MI, 49424
www.raoset.com
japruim@stripped
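
Added example, not part of the original thread: one way a PHP script can cover points (a) and (b) and the per-user control Dave describes, by scoping each write to the logged-in owner, wrapping related writes in one transaction, and calling ignore_user_abort() so a dropped browser connection does not stop the script midway. Table, column and function names are hypothetical, and an in-memory SQLite database stands in for MySQL so it runs offline.

```php
<?php
// Added example: table, column and function names are hypothetical.
// Keep running even if the browser drops the TCP connection mid-request.
ignore_user_abort(true);

// In-memory SQLite keeps the example offline; for MySQL use a mysql: DSN
// and a transactional engine (InnoDB), since MyISAM ignores transactions.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE addresses (id INTEGER PRIMARY KEY, owner_id INTEGER NOT NULL, street TEXT, city TEXT)');
$pdo->exec('CREATE TABLE audit_log (address_id INTEGER, owner_id INTEGER, action TEXT)');
// Constructed sample rows: owner 1 and owner 2 share one table.
$pdo->exec("INSERT INTO addresses VALUES (1, 1, '1 Main St', 'Holland'), (2, 2, '9 Oak Ave', 'Zeeland')");

/**
 * Update one address on behalf of the logged-in customer.
 * $ownerId must come from the server-side session, never from the request.
 */
function updateAddress(PDO $pdo, int $ownerId, int $addressId, string $street, string $city): bool
{
    $pdo->beginTransaction();
    try {
        // The owner_id predicate is what separates customers in a shared table.
        $upd = $pdo->prepare('UPDATE addresses SET street = ?, city = ? WHERE id = ? AND owner_id = ?');
        $upd->execute([$street, $city, $addressId, $ownerId]);
        // Note: pdo_mysql counts changed rows by default, so an update that
        // writes identical values reports 0 unless MYSQL_ATTR_FOUND_ROWS is set.
        if ($upd->rowCount() !== 1) {
            $pdo->rollBack();          // not this customer's row, or no such row
            return false;
        }
        $log = $pdo->prepare('INSERT INTO audit_log (address_id, owner_id, action) VALUES (?, ?, ?)');
        $log->execute([$addressId, $ownerId, 'update']);
        $pdo->commit();                // both writes become visible together
        return true;
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();          // never leave a half-applied change behind
        }
        throw $e;
    }
}

var_dump(updateAddress($pdo, 1, 1, '22 Elm St', 'Holland'));  // owner 1 edits own row
var_dump(updateAddress($pdo, 1, 2, 'x', 'y'));                // owner 1 tries owner 2's row
```

If the script is killed before commit() for any other reason, the database discards the open transaction when the connection closes, so the address update and its audit row are either both present or both absent.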