I don't know if this specific question has been asked - but searches
haven't given me a close enough answer so hopefully this is a little
new.
Separate from security theories and considerations of "good practice",
what, if any, benefits accrue from using multiple users when accessing a
Firebird database?
If that's too general a question, here's my specific need. I have a
database that has at least three simultaneous connections via PHP. I
have two long-running PHP daemons (yes I know PHP isn't intended for
such but it works and allows me to keep a consistent code base). These
listen for external events and update the database accordingly. Part of
their updates do involve reads as well. Then the main application is
PHP via Nginx/php-fpm.
I cache the database connection via the http session for the application
- the daemons just keep the connection open as an application global.
At this time, everything is just using the SYSDBA user. I'm not
certain, but I think from time to time there is a visibility issue.
I'll update information via the web application, and confirm it in both
the web application and FlameRobin - but my daemons don't seem to see
the changes. Stopping/starting the daemons appears to correct the
problem. As I say - this is totally unconfirmed and I'd need more
testing to narrow this down.
Again - separate from security considerations - are there any
reasons/benefits to creating and using individual users for each of
these connections? Security-wise, I'm the only user and the server
isn't internet exposed so I'm not terribly worried at the moment.
--
Daniel
