Database permissions owncloud DB user


#1

Hi! :slight_smile:

According to the installation documentation, the database user should be granted all privileges for the database:

But after the installation from a security standpoint is that really necessary to keep it that way?

Is there any recommendations on what the bare minimum (read secure) settings on the datebase user is?

Thanks!


#2

I quickly checked database-level privileges of servers, they are CREATE, DROP, EVENT, GRANT OPTION, LOCK TABLES, and REFERENCES. ownCloud is using most of them of these privileges and in my opinion, there is no problem on granting ALL PRIVILEGES at the database level. If you have any reasonable concern, you can create a pull request to change documentation.


#3

Thank you for your answer @karakayasemi :facepunch:

Well it is more if a hacker would gain access somehow. if all is granted they can really mess you up. So why not remove the ones that are not really necessary, right?
That will at least limit some of the damage the hacker could do… :thinking: