I've read several resources in designing my application and one of them was the principle of least privilege in information security:
In information security, computer science, and other fields, the principle of least privilege, also known as the principle of minimal privilege or just least privilege, requires that in a particular abstraction layer of a computing environment, every module (such as a process, a user or a program on the basis of the layer we are considering) must be able to access only such information and resources that are necessary to its legitimate purpose.
With this in mind I decided that I require 3 distinct database users to access my database:
- Read only
- Volatile - Insert, update, delete
- Admin - lock, backup, alter
With Symfony it seems to me that it's designed with a single database user in mind and although it appears that it's possible to use multiple users/connections (http://symfony.com/doc/current/cookbook/doctrine/multiple_entity_managers.html) it also appears that this is not recommended as the standard practice:
Using multiple entity managers is pretty easy, but more advanced and not usually required. Be sure you actually need multiple entity managers before adding in this layer of complexity.
My questions then are:
- Am I making this more complicated that it needs to be?
- Does using a single database user make my Symfony less secure?
- Is the article I linked to the correct way to achieve the least privilege principle in Symfony?