I've done this and i'm doing this, its not hard, everyone that needs db access can read a readme and give me a public key in a matter of seconds. I'll take SSH over http-auth and a freaken app that can drop tables/database via a SQL injection bug any day of the week. Granted that could be from poor user management, as NOONE has access to do anything destructive.

I really don't care if you don't believe me, b/c this process has been fluid with 0 issues since i started using it about 6 years ago. Oh and yesterdays users were 100% ordinary users (it doesn't get much more ordinary than marketing), they were added to the slave group with select only, and didn't get added to anything production related.

To your next email, phpMyAdmin will never be part of a production stack. I'll trust that you know how to handle your users and trust that I will do what i feel is best for me.

On Wed, Apr 17, 2019 at 4:43 PM Reindl Harald <h.reindl@thelounge.net> wrote:

Am 17.04.19 um 22:39 schrieb Jeff Dyke:
> How can you say it doesn't scale when you have now idea how i'm set up.
> I had to add 5 users yesterday, took 5-10 (mostly talking to people)
> minutes. Using a config mgmt system i set up ssh and mysql in the same
> single call to multiple database servers some users will have multiple
> logins based on the ability to read and the ability to write, which
> based on the configured security group. It scales quite well indeed and
> i don't have to worry about a php application were security risks are
> more prone to come with each update. Also http-auth takes admin as well.

yeah, explain ordianry users how to get ssh-certificates all day long
and don't come with "but for the tunnel password auth is enough" when
you weaken the most cruial service on a systemd for a damend web application

_______________________________________________
Mailing list: https://launchpad.net/~maria-discuss
Post to : maria-discuss@lists.launchpad.net
Unsubscribe : https://launchpad.net/~maria-discuss
More help : https://help.launchpad.net/ListHelp