On 02.01.2006 13:41 (+0100), Imran Chaudhry wrote: > GRANT and REVOKE are essential to your database security, I would > think twice before adding a "layer" on top of them. There is potential > for error and you dont want that where security is related. It is > probably worth the "pain" of learning the ins and outs of > GRANT/REVOKE.
I wanted to create a tool that manages these privileges with a simple interface. To me, GRANT is a privilege like others are. I know that GRANT is a very powerful privilege but it's still a privilege and I don't want to handle same things differently, that's just stupid as for the application design. Not sure what the SQL inventors thought about it some decades ago, where computers didn't have to be easy to handle. I won't make much usage of that special privilege anyway, I'll mostly allow single users read/write/definition access to single databases. But when I want to revoke all privileges from a user, I also want the GRANT privilege to be revoked, and for this I currently need a second command. Well, doesn't matter, SQL is complicated and that's what my tool works around: # mysqlmgr add database www1 # mysqlmgr add user www1 password xxx # mysqlmgr allow user www1 database www1 read write define ;) -- Yves Goergen "LonelyPixel" <[EMAIL PROTECTED]> "Does the movement of the trees make the wind blow?" http://newsboard.unclassified.de - Unclassified NewsBoard Forum -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]