Hi All,
I am enquiring as to the *minimum* privileges required by the RoundCube user to access the backend SQL (MariaDB) Server.
Yes, I am aware that the Wiki says (on the Installation page) to use
GRANT ALL PRIVILEGES, as do all of the On-Line Tutorials scattered
across the Web. However, that is a *massive* security hole, especially
if the backend server is *not* the same as the web server hosting
RoundCube. Surely, for example, the RoundCube User does *not* need the
ability to create other users or tables, drop the backend database, or
grant privileges to other users.
Thus, I am enquiring what *are* the *minimum* privileges required?
I am going to assume - and please correct me if I am wrong - that the *required* privileges are:
- DELETE, INSERT, SELECT, and UPDATE
If this information is available on-line, could someone please point me in the correct direction - if not, could one of the devs and/or one of the experienced RoundCube users please let me know this information - thank you.
Thanks in advance
Cheers
Dulux-Oz
On 2.05.2025 10:00, Matthew J Black wrote:
I am going to assume - and please correct me if I am wrong - that the *required* privileges are:
- DELETE, INSERT, SELECT, and UPDATE
You will need also SHOW VARIABLES. I'm not sure there's a privilege for that. It should be enough for normal operations.
However schema initialization/update scripts use CREATE|DROP|ALTER|TRUNCATE TABLE, which may be done from core as well as on plugins' initialization/updates.
Thank you Aleksander, I'll take that into account :-)
On 2/5/25 19:02, Aleksander Machniak wrote:
On 2.05.2025 10:00, Matthew J Black wrote:
I am going to assume - and please correct me if I am wrong - that the *required* privileges are:
* DELETE, INSERT, SELECT, and UPDATE
You will need also SHOW VARIABLES. I'm not sure there's a privilege for that. It should be enough for normal operations.
However schema initialization/update scripts use CREATE|DROP|ALTER|TRUNCATE TABLE, which may be done from core as well as on plugins' initialization/updates.
I am enquiring as to the *minimum* privileges required by the RoundCube user to access the backend SQL (MariaDB) Server. I am going to assume - and please correct me if I am wrong - that the *required* privileges are:
- DELETE, INSERT, SELECT, and UPDATE
Yes you are right. I am using socket auth instead of having a SQL password. This way there is no password to leak in config files. And it successfully runs with only the 4 permissions.
CREATE USER apache@localhost IDENTIFIED VIA unix_socket; GRANT SELECT, INSERT, UPDATE, DELETE ON roundcube.* TO apache@localhost;
-
Aleksander Machniak -
list@ptld.com -
Matthew J Black