Page 1491 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1491
server should have the smallest set of privileges possible. If the web
application needs only to retrieve data, it should have that ability only.
In the example, the DELETE command would fail if the account had
SELECT privileges only.
