Under my "Database Manager" I recently chose to "Add User".

This was done "For User Role": " Read/Write". With the intention that the new connection would lessen security vulnerability to mysql tables, for those with registered usernames and passwords. (as opposed to using main 'database administrator' connection)

Also I want to "Add User" for those site users browsing tables via mysql queries, having only "Read" priviledges. -For the general public.

Yet I've received conflicting opinions on this subject from my host, including a tech who tells me that this menu option is mainly for developer access to script development on the site. It won't affect the abilities of those browsing the site tables, and that if I am concerned about security I should look rather into SQL injection techiques used to penetrate.

Am I being given the runaround or is my host being honest? (there was considerable difficulty getting the newly "Added User" to connect)