smallstep / nosql

NoSQL is an abstraction layer for data persistency
Apache License 2.0

Fixing #42, allows operation with less privileged user #43

Open clayrosenthal opened 1 year ago

clayrosenthal commented 1 year ago

Name of feature:

Database/table check before creation

Pain or issue this feature alleviates:

Allowing operation with less privileged MySQL user

Why is this important to the project (if not answered above):

Is there documentation on how to use this feature? If so, where?

Ideally no workflow change, just slightly extra queries being run

In what environments or workflows is this feature supported?

In what environments or workflows is this feature explicitly NOT supported (if any)?

Supporting links/other PRs/issues:

Fixes #42

💔Thank you!

dopey commented 1 year ago

Hey @clayrosenthal 👋, thanks for posting a PR and sorry for the delay.

So, is the purpose of the checks just to provide a more accurate error message?

clayrosenthal commented 1 year ago

Hey @dopey, the purpose would be having multiple servers serving from one database, with only one having permissions to create and destroy tables. A side effect would be more descriptive error messages.

Similar to running step-ca with a separate less privileged user of the actual server, I'd like to have a less privileged user accessing the database after it's been set up, to reduce attack vectors while having high availability.

dopey commented 1 year ago

Ok, I think I'm following. Basically Create Table If Not Exists will fail if it is underprivileged even if the table already exists. Is that right?

dopey commented 1 year ago

This PR is failing the tests due to the backticks in the SHOW queries. Not sure what to do since we added those so that the queries would accept databases and tables with names that needed to be escaped.

dopey commented 1 year ago

I created this PR - https://github.com/smallstep/nosql/pull/46 - based off yours with a few small fixes and additions. Still has the same issue with the query not working due to bad syntax.
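
The check-before-create idea discussed in this thread, as an added example (not code from this PR, from #46, or from smallstep/nosql): the existence lookup goes through `information_schema.tables` with bound parameters instead of a `SHOW` query, and backtick quoting is kept only for the DDL. The names `store`, `sqlStore`, `quoteIdent`, `existsQuery` and `ensureTable` are hypothetical, and the column definitions are placeholders.

```go
package main

import (
	"context"
	"database/sql"
	"fmt"
	"strings"
)

// store is a hypothetical seam so the check can be exercised without a live server.
type store interface {
	Count(ctx context.Context, query string, args ...any) (int, error)
	Exec(ctx context.Context, query string) error
}

type sqlStore struct{ db *sql.DB } // adapts *sql.DB (any MySQL driver) to store

func (s sqlStore) Count(ctx context.Context, q string, args ...any) (n int, err error) {
	err = s.db.QueryRowContext(ctx, q, args...).Scan(&n)
	return
}

func (s sqlStore) Exec(ctx context.Context, q string) error {
	_, err := s.db.ExecContext(ctx, q)
	return err
}

// quoteIdent backtick-quotes an identifier for DDL, doubling embedded backticks.
func quoteIdent(name string) string {
	return "`" + strings.ReplaceAll(name, "`", "``") + "`"
}

// Names are bound as string parameters here, so no identifier quoting is needed.
const existsQuery = "SELECT COUNT(*) FROM information_schema.tables WHERE table_schema = ? AND table_name = ?"

// ensureTable runs CREATE TABLE only when the table is missing (no CREATE grant needed otherwise).
func ensureTable(ctx context.Context, s store, schema, table string) (bool, error) {
	n, err := s.Count(ctx, existsQuery, schema, table)
	if err != nil || n > 0 {
		return false, err // the check failed, or the table is already present
	}
	ddl := fmt.Sprintf("CREATE TABLE %s.%s (k VARBINARY(255) PRIMARY KEY, v BLOB)",
		quoteIdent(schema), quoteIdent(table)) // column definitions are placeholders
	if err := s.Exec(ctx, ddl); err != nil {
		return false, fmt.Errorf("create %s (is CREATE granted?): %w", table, err)
	}
	return true, nil
}

func main() { fmt.Println(quoteIdent("my`table"), existsQuery) }
```

MySQL lists in `information_schema.tables` only the tables on which the connecting account holds some privilege, so the lookup works for an account that was granted data access to the table but not `CREATE`.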