Hello, Giving "ALL PRIVILEGES" doesn't give the GRANT option, so basically, if you run this command, it will give xwiki user all the rights, but to that one only. Beyond that, I don't see how the reload privilege could be dangerous at all to give.
The only way to make it more secure is to grant the rights for every database, one by one. We used to meet people having issues during wikis creations, because of lack of privileges, that's why the documentation directly advise to give all privileges to everything. So of course, you can also pick the exclusive rights you want to grant, but since you need to do that for every database, it may be a bit long. Good luck Guillaume 2014-04-14 9:43 GMT+02:00 Martin Hamant <[email protected]>: > Hi, > > It is mentioned in the documentation "Give all privileges to the xwiki > user for accessing and creating databases" - because the user to be able to > create additional databases for sub-wikis ; but isn't it a little pushy to > give *all* the privileges (Grant, reload...) to the xwiki user ? > > How could I secure the xwiki mysql user account a little more ? > _______________________________________________ > users mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/users > _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
