|Subject||Users for application|
I don't know if this specific question has been asked - but searches haven't given me a close enough answer so hopefully this is a little new.
Separate from security theories and considerations of "good practice", what, if any, benefits accrue from using multiple users when accessing a Firebird database?
If that's too general a question, here's my specific need. I have a database that has at least three simultaneous connections via PHP. I have two long-running PHP daemons (yes I know PHP isn't intended for such but it works and allows me to keep a consistent code base). These listen for external events and update the database accordingly. Part of their updates do involve reads as well. Then the main application is PHP via Nginx/php-fpm.
I cache the database connection via the http session for the application - the daemons just keep the connection open as an application global.
At this time, everything is just using the SYSDBA user. I'm not certain, but I think from time to time there is a visibility issue. I'll update information via the web application, and confirm it in both the web application and FlameRobin - but my daemons don't seem to see the changes. Stopping/starting the daemons appears to correct the problem. As I say - this is totally unconfirmed and I'd need more testing to narrow this down.
Again - separate from security considerations - are there any reasons/benefits to creating and using individual users for each of these connections? Security-wise, I'm the only user and the server isn't internet exposed so I'm not terribly worried at the moment.