
I have a web application that should manage a multi-client solution. Due to the complexity of the solution, each client would require 4 databases to store data.

The portal itself is another database that sits on top. I am now thinking of making the administration a bit easier and extending the script for new client creation.

The script should automatically create a set of 4 new databases, create a new user based on form input and grant that user access. Finally it should store those credentials in the user configuration.

Problem: I'm a bit concerned about storing the credentials of an admin user in a PHP script. I guess the script must have a powerful user to be able to create users and databases and also grant access.

Are there any best practices for ensuring that the application is protected?

  • Multiple databases per client vs one database with tables separated by client_id: do you really need to have multiple databases to separate the data... Commented Jun 17, 2019 at 13:39

1 Answer

Best practice would be to not do that.

I'm a developer that works on a seriously complex system. We have several different teams working on multiple interconnected systems that all work towards the same database, almost. We have split some data over multiple databases, generally separated by country, for performance reasons. But they all have the same design and are created manually when the need arises.

I fail to see that you have a system so complex that it would require you to have separate databases. MySQL can handle many rows.

So instead of splitting databases, or even tables, per client, just connect each row with a client_id. Then you don't have to have extra sensitive credentials in your code and can safely follow the "least privilege" principle.

If you still feel that you absolutely, without a doubt, need to have a database per client, consider these points:

  • Does it really need to be made automatically, or can you not do it manually whenever a new client is added?
  • Make sure the file is not accessible from the outside, which applies to any type of credentials you might need.
  • For the love of god, don't post your credentials on GitHub.
  • Yes, yes, and yes. Although to be clear they needed 4 databases per client, not just one, which is even slightly more crazy... Commented Dec 13, 2019 at 14:11
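As an added illustration of the answer's recommendation (not code from the question or the answer): a MySQL sketch of the single-database, client_id-per-row design and the much smaller privilege set it leaves the web application with. The schema, user names and the password placeholder are constructed assumptions.

```sql
-- Added example, not from the post. Constructed schema and user names.
-- One portal database; every tenant-owned row carries a client_id.
CREATE DATABASE IF NOT EXISTS portal;

CREATE TABLE portal.clients (
  id   INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  name VARCHAR(100) NOT NULL
);

CREATE TABLE portal.documents (
  id        BIGINT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
  client_id INT UNSIGNED NOT NULL,
  title     VARCHAR(200) NOT NULL,
  body      TEXT,
  CONSTRAINT fk_documents_client FOREIGN KEY (client_id) REFERENCES portal.clients(id),
  INDEX idx_documents_client (client_id)   -- every tenant-scoped query filters on this
);

-- What the per-client provisioning script in the question would need: a user
-- that can create databases and users and hand out grants. That is the
-- credential nobody wants sitting in a PHP file, so it stays commented out here.
-- GRANT ALL PRIVILEGES ON *.* TO 'provisioner'@'localhost' WITH GRANT OPTION;

-- With the client_id design the application user only needs DML on one schema.
CREATE USER 'portal_app'@'localhost' IDENTIFIED BY 'REPLACE_WITH_GENERATED_SECRET';
GRANT SELECT, INSERT, UPDATE, DELETE ON portal.* TO 'portal_app'@'localhost';

-- Schema changes and new clients are done by a separate account used by an
-- operator (or a migration they run), never by the web application's user.
-- Adding a client becomes one row instead of four databases plus a GRANT:
INSERT INTO portal.clients (name) VALUES ('Example Client');

-- Application queries always carry the tenant, bound as a parameter
-- (shown as a MySQL prepared statement; in PHP, use PDO with bound values):
PREPARE list_docs FROM
  'SELECT id, title FROM portal.documents WHERE client_id = ? ORDER BY id';
SET @client = 1;
EXECUTE list_docs USING @client;
DEALLOCATE PREPARE list_docs;
```

Because `portal_app` holds no CREATE, CREATE USER or GRANT OPTION rights, a compromise of the application's configuration file cannot be turned into new accounts or databases.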
