Before we actually do anything with the database, let's consider what it is we want from the osCommerce database in terms of security. To do this, we refer back to the list of considerations given at the beginning of the File-System Security section since securing a file system and a database have the same conceptual roots. Combining these considerations with an appreciation for how security is implemented on a database will allow us to come up with a pretty good security policy.
Apart from this, we also really need to know where the database is going to be. This may seem silly at first because you are used to having everything housed on your development machine, but it is possible that your database and your web server are not on the same machine or even at the same address. Separating web servers and mail servers from database servers out into different physical places is a common practice with larger companies, and you might need to ask your host what the deal is with...