vincej Posted October 1, 2012 Share Posted October 1, 2012 HI - I work in a small company where I am solely responsible for all IT developments / infrastructure. My s/w is pretty solid, however I am a couple of "educated users" who insist on going into the database with their own downloaded reporting tools and pulling data out of MySql. Then of course something breaks and I have to clean up their mess. Politics prevents me from shutting them out of the systems entirely however, in the name of "security" I could do something to either prevent a connection, or obfuscate the data or something ... but I don't know what woudl be the best technical approach. Dealing with it through meetings and conversation etc has not had any effect. I need a technical solution. Many thanks for your suggestions ! Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/ Share on other sites More sharing options...
Jessica Posted October 1, 2012 Share Posted October 1, 2012 If they're only allowed to SELECT, they can't mess up anything. Give them a user account which does not have any UPDATE or DELETE privileges. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382124 Share on other sites More sharing options...
PFMaBiSmAd Posted October 1, 2012 Share Posted October 1, 2012 Why do users in the office even know the database username/password? Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382126 Share on other sites More sharing options...
ManiacDan Posted October 1, 2012 Share Posted October 1, 2012 Like Jesi said, give them accounts with only SELECT access, then they can't do anything but lock the tables. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382127 Share on other sites More sharing options...
The Little Guy Posted October 1, 2012 Share Posted October 1, 2012 Build a php page that gives them only the functionality that they need. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382130 Share on other sites More sharing options...
ManiacDan Posted October 1, 2012 Share Posted October 1, 2012 Build a php page that gives them only the functionality that they need. If they're typing raw queries, this will still allow them to break things. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382144 Share on other sites More sharing options...
The Little Guy Posted October 1, 2012 Share Posted October 1, 2012 If they're typing raw queries, this will still allow them to break things. If they do the same queries all the time you could run it for them, and then do less clean up afterwards. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382146 Share on other sites More sharing options...
ManiacDan Posted October 2, 2012 Share Posted October 2, 2012 If they do the same queries all the time you could run it for them, and then do less clean up afterwards. But he says that he can't do that: Politics prevents me from shutting them out of the systems entirely however Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382237 Share on other sites More sharing options...
KevinM1 Posted October 2, 2012 Share Posted October 2, 2012 Like Jessica said, change the root password and give them user accounts with limited privileges. Also, if you're solely responsible for your company's IT, then you're the one with power/leverage. Have a cordial, but firm, talk with your boss, and explain that the monkeys are making it harder for you to do your job. Their unfettered access forces you to waste time (which is money) cleaning up after them, and presents a danger to the data itself. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382241 Share on other sites More sharing options...
ManiacDan Posted October 2, 2012 Share Posted October 2, 2012 Time and money is what you should focus on. Don't use words like "annoying" or "trouble," tell him that you did the math, and it costs the company $400/mo to give these people access to the data. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382244 Share on other sites More sharing options...
spiderwell Posted October 2, 2012 Share Posted October 2, 2012 yup i managed to get our dev environment changed by explaining it in a way that showed it was losing money with the current set up. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382260 Share on other sites More sharing options...
derwert Posted October 5, 2012 Share Posted October 5, 2012 vincej if you really can't remove their access to the server which would be my prefered solution then one option would be to give them access to a low end server that has the data duplicated over to it on a scheduled basis, let them run wild on that instead of the primary server. I don't like the idea of giving them even just the ability to run selects on the primary server, one wrong query and the cpu can spike and halt everything. Quote Link to comment https://forums.phpfreaks.com/topic/268976-how-to-protect-data-in-mysql-from-peskey-users/#findComment-1382776 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.