> one solution:
>
> We created an admin account (ex. QUERY), that is granted no authority.
> Which means it can do queries, but can't change anything.
> For scripts that just do queries, we use that admin id and don't sweat
> whether it's hackable.
> Now in theory somebody could find out the password and SUBMIT A BIG QUERY
> that ties up your server,
> but really, so what....  not in my list of Worst Things to Worry About.

There is another potential issue with this approach. A user with no
authority can run query or select commands that report client file
names. One can readily imagine scenarios in which this capability
raises serious privacy concerns.
