Frederic,
Wednesday, January 30, 2002, 4:56:11 PM, you wrote:
FT> Thanks Victoria, but will not this be very very insecure ? FT> I mean, by granting
access to mysql DB, user could drop it,
FT> or grab a passwd from another user in there. Am I missing
FT> something ?
If you create user with privileges on all databases (*.*), you get access not only to
user's databases but also to mysql db. It's impossible to create user with all
privileges but exclude something you want.
You set privileges on global level and statement like the following works using table
"user" mysql db:
GRANT ALL ON *.* TO ''@localhost
If you want to take off grants from user on mysql.*, it will work on database level
with table "db" mysql db:
REVOKE UPDATE ON mysql.* FROM ''@localhost
FT> Frederic Trudeau
FT> "My God ! It's full of stars"
FT> On Wed, 30 Jan 2002, Victoria Reznichenko wrote:
>> Frederic,
>>
>> Wednesday, January 30, 2002, 4:42:50 AM, you wrote:
>>
>> FT> I`ll make myself more clear here !
>>
>> FT> I work for a small ISP, we give a MySQL DB access to each of our corpo
>> FT> users, if they request it. We just build new more performant machines, and
>> FT> instead of giving them only a Database, in which they can create as many
>> FT> tables as they want, we want to give them some sort `root` DB access, in
>> FT> which they can create as many DB as they want, and so forth.
[skip]
>> FT> Now, each 'user*' is a DB, which is named after him, that can be accessed
>> FT> only by this particular user. In a sense, they are 'locked' in their own
>> FT> DB, and can create as many tables as they what, but they have to
>> FT> contact us to create yet another DB, for which we have to create another
>> FT> username + password ... We wish to grant them the priviledge of creating
>> FT> as much DB as they want.
You can create user by using GRANT, something like this:
GRANT ALL ON *.* TO ''@localhost WITH GRANT OPTION;
or
GRANT ALL ON *.* TO ''@'%' WITH GRANT OPTION;
Get some more info at: http://www.mysql.com/doc/G/R/GRANT.html
--
For technical support contracts, goto https://order.mysql.com/
This email is sponsored by Ensita.net http://www.ensita.net/
__ ___ ___ ____ __
/ |/ /_ __/ __/ __ \/ / Victoria Reznichenko
/ /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED]
/_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.net
<___/ www.mysql.com
---------------------------------------------------------------------
Before posting, please check:
http://www.mysql.com/manual.php (the manual)
http://lists.mysql.com/ (the list archive)
To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
