Home >Backend Development >PHP Tutorial >Recommended basic introductory tutorials on least privileges
Minimum permissions I used to have a car that had a maid key. This key can only be used in the ignition, so it cannot open the doors, console, or trunk. It can only be used to start the car. I can give it to the parking attendant (or leave it in the ignition), and I confirm that the key cannot be used for other purposes. It makes sense to give the parking attendant a key that won't open the console or trunk; after all, you might want to keep valuables in those places. But what doesn't make sense to me is why it can't open the door. Of course, this is because my point is about the revocation of authority. I was wondering why the parking attendant was stripped of his authority to open the door. In programming, this is a very bad idea. Instead, you should consider what permissions are necessary and give each person as little permission as they need to do their job. One reason why a maid key cannot open a car door is that the key can be copied, and the copied key could be used to steal a car in the future. This situation sounds like
1. PHP Security - Least Privileges
##Introduction: Least Privilege I used to have a car that had a maid key. This key can only be used in the ignition, so it cannot open the doors, console, or trunk. It can only be used to start the car. I can give it to...
2. How to turn off the export function of PhpMyadmin
Introduction: How can I turn off the export function of PhpMyadmin? I have a database and I don’t want to directly provide a data interface. At the same time, I want to provide as much convenience as possible with the minimum permissions. So I want to open PhpMyadmin and only press Select to authorize the database. Just enable the Select export function to use it. Now I want to turn off the export function of PhpMyadmin. How can this be achieved? ------Solution----------------
3. Accurately set the php-fpm sub-process user to improve Website security prevents Trojans from being hung
##Introduction: Correctly setting php-fpm sub-process users to improve website security Preventing Trojan Horses from Being Hanged Core summary: php-fpm The user used by the child process cannot be the owner of the website file. Anything that violates this principle does not comply with the principle of least privilege. ? Based on continuous feedback from the production environment, we found that there are constant Most of the reasons why PHP websites are hung with Trojan horses are due to unreasonable permission settings. Because of the server software, or php It is inevitable to have loopholes in the program. In this case,
Introduction: How can I turn off the export function of PhpMyadmin? There is a database, and I don’t want to provide a data interface directly, but at the same time I want to Provide the greatest possible convenience under the minimum permissions. So I want to open PhpMyadmin and only press Select to authorize the database. Just enable the Select export function to use it. Now I want to turn off the export function of PhpMyadmin. How can this be achieved? ------Solution----------------
#4.
Authorization Principles of MySQL Database
Introduction: This article describes how to allocate appropriate permissions to users. Several important principles are to allocate the minimum permissions to users, and try not to allocate them in the user table that affects the entire database.The above is the detailed content of Recommended basic introductory tutorials on least privileges. For more information, please follow other related articles on the PHP Chinese website!