William R. Dickson wrote:
OK, I strongly suspect I've just done something stupid here, but I'm
having trouble figuring it out. I had a disk go bad on a MySQL server
this past weekend. I did a clean system install (FreeBSD 5.4) on a new
disk, installed the MySQL 3.23 port, and restored the mysql data
directory from backup. Everything is working fine...except now, every
user is able to get a list of every database on the system. They can't
actually use the databases, but I'd rather they couldn't get the list,
either.
Following some suggestions I found in the list archives, I did a SHOW
GRANTS and found the following (database names match usernames):
GRANT USAGE ON *.* TO 'username'@'%' IDENTIFIED BY PASSWORD 'blablabla'
GRANT ALL PRIVILEGES ON `username`.* TO 'username'@'%'
I suspect that the problem lies with every user having "USAGE'
privileges on every database (although entering "use otherusername;"
returns an error indicating the user has no permissions to read the
database). However, I can't seem to revoke this privileges. I can't
even find the privilege in any of the tables.
Can someone point my addled brain in the right direction here?
Thanks!
-Bill
I know it is counter-intuitive, but "USAGE" means no privileges. In 3.23,
seeing all databases is the default behavior, turned off by starting mysqld with
the --skip-show-database option. This changed to the behavior you are expecting
in 4.0.2.
See the manual for more
<http://dev.mysql.com/doc/refman/4.1/en/show-databases.html>.
Michael
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
