Dear MySQL community,

In the following I do not only list a problem others might also run into,
but I also want to point out a strangeness of one of your fixes.

Recently there was a change in 3.23.49 (on Debian/Woody):

 * Applied patch for a bug that wrongly interpreted '_' in
   conjunction with the GRANT PRIVILEGES command as wildcard instead as
   literal character giving an unprivileged mysql user the possibility
   to grant himself rights on tables he has no privileges on.
   [CAN-2004-0957, http://bugs.mysql.com/3933]
   (Thanks to Sean Finney for creating the patch from the RedHat
   backporting and the MySQL bitkeeper changeset).
   Closes: #285276, #296674

Due to this, some of our users with permissions to db xyz00\\_% did not
have any rights on such db name patterns anymore:

mysql> GRANT ALL ON xyz00_abc.* TO xyz00_foo;
ERROR 1044: Access denied for user: '[EMAIL PROTECTED]' to database
'xyz00_abc'

We fixed this by giving rights to db xyz00_% instead of xyz00\_% by
applying:

echo "UPDATE mysql.db SET Db = concat(User,'_%') \
        WHERE Db like '_____\\\\\\_\\%'" | mysql
echo "FLUSH PRIVILEGES" | mysql

So much for that, in case somebody else runs into the same problem.

But I don't think that the change was ok.  Why not interpret "_" as a
wildcard character, but "%"? And I hope you will not also disable "%"
here.

I might have misunderstood the error report, but if somebody grants rights
to dbs including _, it should be interpreted as a wildcard.  If \_ is
used, it should be a _ character with no wildcard functionality.  Who is
wrong?

        Michael

-- 
Michael Hönnig|Boytinstr. 10|D-22143 Hamburg | http://michael.hoennig.de 
http://www.skype.org:mhoennig|http://www.jabber.org:[EMAIL PROTECTED]
  business networking: http://www.openbc.com/go/invuid/Michael_Hoennig
GPG KeyID EC5C271A --  9DC0 53EC 1549 DA84 A939  15CC C0B7 8FBF EC5C 271A


-- 
Hostsharing eG / Boytinstr. 10 / D-22143 Hamburg
phone+fax: +49 700 HOSTSHARING (= +49 700 46787427)
Homepage: http://www.hostsharing.net
Networking: http://www.openbc.com/go/invuid/Michael_Hoennig
