this is how all hosting control panels work, and tools like PHPMyadmin, so it is quite normal. Obviously you would need to make sure that the API itself is secure and password protected.
On Sun, Aug 28, 2011 at 11:48 AM, Richard White <[email protected]> wrote: > > Hi, > i am creating a management API to manage my clients' software. > > The benefit is that at a click of it will setup or delete the clients > databases etc... > > what do you guys think of the security of this as i am presuming this would > need to have root access into MySQL as it needs to have the ability to > create and delete databases, set grants etc... > > is it wrong from a security point of view to have a cf data source that > accesses the root user in MySQL? > > thanks > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Order the Adobe Coldfusion Anthology now! http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:347059 Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm
