This article recommends the UNIX nobody user to access MySQL from Joomla scripts. Is this standard practice? Moreover, is it reasonable to use it, say, both for Joomla and WordPress?
Asked
Active
Viewed 60 times
2 Answers
2
This question makes no sense. You don't use unix users to access mysql, it has its own access control and its own users/passwords.
The second part of the question makes some sense and the answer is no. As with anything, separate privileges as much as possible. Create separate users for joomla and wordpress and don't give them access to each others schemas.
Dennis Kaarsemaker
- 18,793
- 2
- 43
- 69
-
OK, thanks for clarifying. In attempting to separate privileges as much as possible, would you go as far as setting up a different MySQL user for each CMS site (ignoring for a moment modern multi-site options) that talks to MySQL? – ezequiel-garzon Jan 19 '13 at 22:48
-
1Yes, I would separate as much as possible. – Dennis Kaarsemaker Jan 19 '13 at 22:53
1
No, this article does not recommends the UNIX nobody user to access MySQL :
- The article is not talking about UNIX nobody user but about mysql account.
- The article did not explicitly recommend using nobody
- IMHO the article author just picked the wrong username : Something like "exampleuser" instead of "nobody" would have been more accurate.
Here are a few security tips :
- Using UNIX nobody user for anything is a bad™ idea.
- Avoid using joomla if possible.
- Look at article author. Keep in mind that webmasters have poor technical/security knowledge : Their job is to do beautiful websites.
-
Thanks for the detailed reply. (Your answer seems OK too, so upvoted.) – ezequiel-garzon Jan 19 '13 at 22:51