Hi, I heard from my programmer that a database with privileges for its user will allow the user to delete the database. Basically he told me to delete the privilege, but the site need login authentication, he didnt' explain much. He said its a security issue to allow privilages with the mysql user privilege. Can someone explain anything about database/privlleges/security stuff. Thanks Alot
Well there are plenty of resources on the mysql website explaining it in detail but the basic idea is instead of using "root" you setup a new user that has very limited access to your database and you ensure your application connects to the Database using the new user you created. With only select/update/insert access for example the user will be unable to do anything too bad like drop a table.