2

As part of the Symfony set up, I need to perform this task:

php app/console doctrine:schema:update --force

Which fails if the user I specify in app/config/parameters.ini does not have all privileges. Fair enough, because if you want to update the schema, you would need sufficient privileges to be able to restricted operations such as dropping/ altering tables.

However, what concerns me is that in regular usage of the app, this same database user is also going to be used. I see this as a security vulnerability.

How should I avoid this?

--

Extra info:

Symfony 2 : multiple and dynamic database connection

This question shows me how I can specify multiple databases for Symfony to use. Would this be of use to me? I don't really need to be able to switch between databases, but just be able to specify that the app, when running uses a restricted user; however, in systems administration time, I need to be able to use root privilege.

Improve this question

1 Answer 1

Reset to default
2

In config.yml, use the root user. This will work from the console and from dev mode.

    doctrine:
          dbal:
             driver:   %database_driver%
             host:     %database_host%
             port:     %database_port%
             dbname:   %database_name%
             user:     root
             password: pw
             charset:  UTF8

In config_prod.yml, add that same block of config but change the username/password. Then, when the app is running in production mode, it will use the less-privileged user.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.