That's a great idea (& one I was aware of - thanks) but that doesn't
answer my question :-)
Unless you are implying that my assumption was correct (ie DELETE,
INSERT, SELECT, and UPDATE
).
On 2/5/25 18:37, Reindl Harald (privat) wrote:
you can specifiy even two users to seperate read-only and writes
$rcmail_config['db_dsnw'] =
'mysqli://roundcube_rw:*****@127.0.0.1:3306/roundcube_db';
$rcmail_config['db_dsnr'] =
'mysqli://roundcube_ro:*****@127.0.0.1:3306/roundcube_db';
Am 02.05.25 um 10:00 schrieb Matthew J Black:
Hi All,
I am enquiring as to the *minimum* privileges required by the
RoundCube user to access the backend SQL (MariaDB) Server.
Yes, I am aware that the Wiki says (on the Installation page) to use
`GRANT ALL PRIVILEGES`, as do all of the On-Line Tutorials scattered
across the Web. However, that is a *massive* security hole,
especially if the backend server is *not* the same as the web server
hosting RoundCube. Surely, for example, the RoundCube User does *not*
need the ability to create other users or tables, drop the backend
database, or grant privileges to other users.
Thus, I am enquiring what *are* the *minimum* privileges required?
I am going to assume - and please correct me if I am wrong - that the
*required* privileges are:
* DELETE, INSERT, SELECT, and UPDATE
If this information is available on-line, could someone please point
me in the correct direction - if not, could one of the devs and/or
one of the experienced RoundCube users please let me know this
information - thank you.
--
PEREGRINE I.T. Pty Ltd Signature
==================================================
*Matthew J BLACK*
M.Inf.Tech.(Data Comms)
MBA
B.Sc.
MACS (Snr), CP, IP3P
When you want it done /right/ – the first time!
Phone: +61 4 0411 0089
Email: matt...@peregrineit.net <mailto:matt...@peregrineit.net>
Web: www.peregrineit.net <http://www.peregrineit.net>
View Matthew J BLACK’s profile on LinkedIn
<https://au.linkedin.com/in/mjblack>
This Email is intended only for the addressee. Its use is limited to
that intended by the author at the time and it is not to be distributed
without the author’s consent. You must not use or disclose the contents
of this Email, or add the sender’s Email address to any database, list,
or mailing list unless you are expressly authorised to do so. Unless
otherwise stated, PEREGRINE I.T. Pty Ltd accepts no liability for the
contents of this Email except where subsequently confirmed in writing.
The opinions expressed in this Email are those of the author and do not
necessarily represent the views of PEREGRINE I.T. Pty Ltd. This Email is
confidential and may be subject to a claim of legal privilege.
If you have received this Email in error, please notify the author and
delete this message immediately.
BEGIN:VCARD
VERSION:4.0
N:Black;Matthew J;;;
FN:Matthew J Black
EMAIL;PREF=1;TYPE=work:matt...@peregrineit.net
URL;TYPE=work:https://www.peregrineit.net
ADR:;;11 Bailey Avenue;East Tamworth;NSW;2340;Australia
TEL;TYPE=cell;VALUE=TEXT:0404110089
TZ:Australia/Sydney
TITLE:Principal
ROLE:CEO/CIO
ORG:PEREGRINE I.T. Pty Ltd
BDAY;VALUE=DATE:19680928
END:VCARD
_______________________________________________
Users mailing list -- users@lists.roundcube.net
To unsubscribe send an email to users-le...@lists.roundcube.net
