mysql用户权限会影响性能吗? [英] Do mysql user privileges influence performance?

查看:172
本文介绍了mysql用户权限会影响性能吗?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我开始在公司要接管的基于Web的系统上进行维护.它很大(至少对于我们的标准而言).系统的设计者创建了一个具有两个用户的数据库,一个用户仅具有SELECT特权,另一个用户具有UPDATEDELETEINSERT特权.

I'm starting to do maintenance on a web based system my company is taking over. It's quite large (at least for our standards). The designers of the system have created a database with two users, one with only SELECT privileges and the other also has UPDATE, DELETE and INSERT privileges.

我想知道为什么他们会这么做.当执行它们的用户仅具有SELECT特权时,SELECT语句是否更快?如果没有,还有什么其他原因要做这样的事情?

I was wondering why they would have done this. Are SELECT statements faster when the user who executes them only has SELECT privileges? If not, what other reasons are there to do something like this?

注意;我目前无法与原始开发人员联系,我知道这将是获得答案的简便方法....

Note; I can't contact the original developers at this moment, I know that would be an easy way to get an answer....

基于答案,我还有其他一些问题. Web应用程序是唯一使用数据库的应用程序.没有其他人连接到数据库.程序员(只有两个)完全控制所连接用户的操作.他们为代码中的注入做好了充分的辩护.难道只有两个用户的解决方案会使事情变得更加复杂吗?这种安全性"真的必要吗?

based on the answers I have some other questions. The web-application is the only application that uses the database. No one else connects to the database. The programmers (there were only two) have full control over what the connected user does. They have defended well against injections in the code. Isn't the solution with two users just making things more complicated? Is this kind of "security" really necessary?

推荐答案

要回答您的问题,特权不会影响性能.它们确实影响您可以对数据库执行的操作.唯一的性能影响特权是检查是否具有该操作的require特权.用户不受其他特权的影响(或受到微不足道的影响).

To answer your question privileges do not influence performance. They do influence what you can do to the database. The only performance impact privileges have are the check to see if you have the require privilege for the operation. This is not (or trivially impacted) by other privileges available to the user.

很明显,实现者遵循(至少部分地)最低特权原则.这是良好的安全做法.鉴于您有两个ID,我假设它们是用于应用程序的.仅需要读取数据的应用程序应使用仅具有选择"特权的用户ID.其他应用程序应使用其他用户ID.

It is clear the implementers followed (at least partially) least privilege principles. This is good security practice. Given you have two ids, I assume they are for applications. Applications only need to read the data should use the user id with only Select privileges. Other applications should use the other user id.

未使用该应用程序的个人用户应拥有自己的具有适当特权的用户ID.

Individual users not using the application should have their own user id with appropriate privileges.

如果您有需要更新数据但不能删除数据的用户或应用程序,我将使用仅具有SELECT,INSERT和UPDATE特权的用户ID.

If you have users or applications which need to update data but should not be able to remove data I would use a user id with only SELECT, INSERT, and UPDATE privileges.

这篇关于mysql用户权限会影响性能吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆