dannyman.toldme.com


Technical

MySQL: Backup User Privileges

Q: What privileges must I grant to a MySQL user to allow them to run mysqldump?

A: LOCK TABLES, SELECT seems to do the trick.

Example: GRANT LOCK TABLES, SELECT ON mydatabase.* TO 'backup'@'backuphost' IDENTIFIED BY 'somecoolpassword';

Principle of least-privilege: don’t entrust your backup host with the power to hurt the database if you don’t have to. SELECT allows the user to read data, and LOCK TABLES allows the user to lock the tables while running a “snapshot” . . . and of course, narrow the privileges to a specific user-host-password tuple.

Read More

Next:
Previous:
Categories: Technical

Danny Howard is 100% responsible for the content on this site, except some of it is stolen. (Sorry about that.)

Intellectual property on this web site is reserved for re-use under the terms of the Creative Commons license. Derivative works may be created for non-commercial purposes, with proper attribution.

You can contact me via e-mail: dannyman@toldme.com

Most of //dannyman.toldme.com/ is powered by WordPress.

If you're hip to RSS and whatnot, you can subscribe to this site.

Mastodon

Discover more from dannyman.toldme.com

Subscribe now to keep reading and get access to the full archive.

Continue reading