DB Owner Cross Ref. Table to Prevent Unwanted DROP

P

presgraph

New member
Joined
Oct 3, 2006
Messages
4
Not sure if this has been noted before, but DA dropped a live database today when deleting a user. The database didn't belong to the user that was being deleted.

The db prefix matched the username (eg. "someuser_db", where the username being deleted is "someuser"). The db in fact belonged to the admin account and pre-dated the "someuser" account.

Should a "cross reference" or ownership reference be added to DA that will only drop DBs that were definitely created by the user that is being deleted?

Just a suggestion. Now that I know this behavior I will watch my nomenclature, but it may be a point worth consideration.

Cheers,
_Z
 
Isn't the real question How did the database get created?

Perhaps DA staff should look into the issue.

Jeff
 
Hello,

The only way DA keeps track of which database belongs to which user is by the database name prefix username_dbname. There are no other lists stored anywhere. If you were to have gone into your MySQL page as "someuser", the database would have shown up in your list even if it was created prior to the account. What you have described is an expected result based on the setup.

John
 
best practices

Another look at the problem:

The db was created by the admin user many months before the user account was created (with the same name as that particular db prefix).

I suppose best practices would dictate that every new site on the machine have a separate user (even if there are only a couple of developers) in order to segregate and prevent the single point of weakness associated with using only a couple of admin accounts and passwords that could be jeopardized.

This method is now adopted by myself, but in this case I simply needed to re-create the "someuser" and figured that since the db existed before the user account, it should really have no ill-effect in the cleanup process.

Although this issue need not be changed in DA, it certainly might be worth a small note on the confirm remove user screen. "All DBs with prefix 'someuser_' will be removed'...."

Cheers,
-Z
 
Last edited:
You must log in or register to reply here.
Back
Top