|Subject:||How to restrict evil create scripts?|
|Posted by:||Ward Bekker (wa…@NospaaMequanimity.nl)|
|Date:||Tue, 08 Aug 2006|
For a service I'm working on I need to ask the user for their database
create script. It's used to re-create the users database schema in a
temporary database on a in-house server in an automated fashion.
For security reasons, I need to be sure that the create script can only
create tables, columns etc and not things like snooping in other
databases and/or formatting the server.
Can you give me pointers about what the minimum grants are to let good
script execute successfully and evil scripts fail?