Minimum required permissions for SQL user?

This is not a Support area! Discuss about the Server here. Non-Server related discussion goes in Off-Topic Discussion.
Forum rules
READ NOW: L2j Forums Rules of Conduct
Post Reply
snap
Posts: 37
Joined: Thu Aug 06, 2009 7:55 pm

Minimum required permissions for SQL user?

Post by snap »

So lately I've been wanting to lock down the server a bit more and am wondering what the minimum permissions needed would be for an SQL user for the server?

These are obviously needed:
Select
Insert
Update
Delete (idfactory needs that)
Create

Now beyond those, I'm not 100% sure.
Drop? Reload? Shutdown? Process? File? Grant? References? Index? Alter? And so on and so on with the rest of the permissions. :?:

This is just for the user account that the server would use, nothing more. ;)
Top
lishawj
Posts: 253
Joined: Thu Apr 30, 2009 12:29 am

Re: Minimum required permissions for SQL user?

Post by lishawj »

Also take into consideration using accounts with limited access to only the tables it requires to get a function working. An example would be a web-based account creation/manager tool. This tool/software should only be using an account with limited access to only the tables relevant to creation and management of said account(s). It does not need access to anything else other then the tables require to generate/create and maintain user accounts.

Another example would be a Castle information type script/tool. This tool only need READ access to the required table(s) for that function and should not have access to accounts table or any other tables whatsoever. There are many ways to secure your server and these are the basics.

Tables privileges is a good start but good security goes beyond just privileges.
Top
Post Reply

Return to “Server Discussion”