#3 Possible Security Issue

[Anonymous]

Note it should be a huge security improvement to only allow "create,insert,update,select" privileges only to those who are security
conscious. The mysql grant FILE and All Privileges allow way too much
power to the barnyard daemon. If barnyard is compromised, then would-be hacker would have full access to the all
databases on the system and possibly control over the barnyard process. A jail could be created, but isn't better to use SQL's built-in
grant tables ?
if I understand it correctly, the grant FILE permission is used for speed
of data entry. I think it would benefit users to have an option to use
only the four privileges above instead of SQL routine 'load_data_infile.'

A separate cron job could be run for maintenance that should fulfill
any delete, indexing or other processing requirements.