Mysql drop permission for WordPress

We are running a WordPress site and one of the plug-ins requires drop permission on the database. (We currently do not grant drop permission and have not needed to for any other plug-ins.)

Is there a security concern if I grant the public connection/user drop privileges?

Read More

The plug-in in question is simplepress and we receive an error asking for drop permissions:

[DROP command denied to user xxxxxxx for table ‘wp_sfwaiting’] TRUNCATE wp-sfwaiting

Related posts

Leave a Reply

1 comment

  1. Mysql changed in that it requires DROP permission since 5.1.16:
    Check it here.

    Truncate is often used as a fast table clear option (as recommended by MySQL themselves). It should be changed to delete from <table> by that plugin programmer to get away only with the DELETE permission.

    Until that you may grant drop only for that specific table..