Least Privilege Database Access

Least Privilege Database Access

Implement the principle of least privilege for database connections:

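-- Create limited user for web application.
-- 'strong_password' is a placeholder: supply a generated secret at provisioning
-- time and keep this script out of version control once it holds a real one
-- (the password is a credential, not configuration).
CREATE USER 'webapp'@'localhost' IDENTIFIED BY 'strong_password';

-- Grant only necessary permissions, at the narrowest object level that works
GRANT SELECT, INSERT, UPDATE ON myapp.users TO 'webapp'@'localhost';
GRANT SELECT ON myapp.products TO 'webapp'@'localhost';
-- EXECUTE is a routine-level privilege: without PROCEDURE (or FUNCTION, if
-- GetUserByEmail is defined as one) MySQL parses this as a table-level grant
-- and rejects it as an illegal GRANT.
GRANT EXECUTE ON PROCEDURE myapp.GetUserByEmail TO 'webapp'@'localhost';

-- Strip administrative privileges. MySQL has no DENY: REVOKE only removes
-- privileges already held, and a freshly created user holds none of these, so
-- this is a safety net against earlier grants, not a block on later ones.
REVOKE FILE, SUPER, CREATE, DROP, ALTER ON *.* FROM 'webapp'@'localhost';

-- Verify the effective grants match the intent before pointing the app at it
SHOW GRANTS FOR 'webapp'@'localhost';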

Application-level privilege separation:

# Ruby on Rails example with different database connections
class User < ApplicationRecord
  # Routine user operations go through the :limited_user connection, whose
  # database account carries only the grants the application needs.
  establish_connection(:limited_user)
end

class AdminReport < ApplicationRecord
  # Reporting queries go through the :readonly_user connection. The read-only
  # property comes from the grants on that database account, not from Rails —
  # a write issued through this model is presumably refused by the database
  # rather than by the application (confirm against the account's grants).
  establish_connection(:readonly_user)
end

# Configuration
# Two connection roles, each mapped to its own database account so that the
# account's grants — not application code — bound what the role can do.
# Secrets come from the environment. Note that ENV["..."] returns nil when the
# variable is unset, so a missing secret only surfaces as an authentication
# failure at connect time; ENV.fetch would fail at boot instead.
database_config = {
  limited_user:  {
    adapter:  "mysql2",
    username: "webapp_limited",
    password: ENV["LIMITED_USER_PASSWORD"],
    database: "production"
  },
  readonly_user: {
    adapter:  "mysql2",
    username: "webapp_readonly",
    password: ENV["READONLY_PASSWORD"],
    database: "production",
    # NOTE(review): `readonly` is not an option the mysql2 adapter is known to
    # honour; the read-only guarantee rests on the grants of webapp_readonly.
    # Rails' own marker for a read-only connection is `replica: true` — confirm
    # against the Rails version in use.
    readonly: true
  }
}