diff README.rst @ 209:0c2936ea34bf

Document the unprivileged user possibility in the README.
author Daniele Nicolodi <daniele@grinta.net>
date Thu, 17 Nov 2011 11:47:28 +0100
parents dd5e5fc17a62
children 2a9af8163c46
line wrap: on
line diff
--- a/README.rst	Thu Nov 17 11:46:12 2011 +0100
+++ b/README.rst	Thu Nov 17 11:47:28 2011 +0100
@@ -60,7 +60,7 @@
 Chose a database name at will: this database will be created during
 the application initialization. The user used in the connection should
 be an user with administrative capabilities on the MySQL database,
-ordinarily the `root` user.
+ordinarily the `root` user [1].
 
 Remember to set an unique encryption key for the SECRET_KEY parameter.
 This key is used in the application for generating cryptographic
@@ -106,6 +106,40 @@
 and connect to it at the address http://localhost:5000/
 
 
+[1] An user with the the minimum set of privileges required for
+running the application may be obtained with the following SQL
+commands::
+
+    CREATE USER <username>@'localhost' IDENTIFIED BY <password>;
+
+    GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, CREATE VIEW,
+    CREATE USER ON *.* TO <username>@'localhost' WITH GRANT OPTION;
+
+    GRANT EXECUTE, CREATE TEMPORARY TABLES
+    ON <database>.* TO <username>@'localhost';
+
+However, due to MySQL server limitations, this minimum set of
+privileges allows the user to grant himself additional privileges, and
+more generally to modify MySQL administrative tables.  Therefore, this
+is not an effective protection from security issues.
+
+The initialization of the database and the upgrade procedure require
+additional privileges than the ones listed above. Therefore, the
+command line administration tool `install` and `upgrade` commands
+allow to connect to the database with a different user than the one
+specified in the configuration file, via the `--user` and `--password`
+parameters. Example::
+
+    # ./bin/admin install --user root --password <password>
+
+An user account with username and password specified in the
+configuration file, and with minimum privileges suitable for running
+the application, may be created during the database initialization
+procedure with the `--create-user` option of the `install` command::
+
+    # ./bin/admin install --create-user --user root --password <password>
+
+
 Deployment
 ----------