Some permissions help

Victoria Reznichenko Thu, 28 Mar 2002 04:25:37 -0800

Ryan,
Thursday, March 28, 2002, 7:22:47 AM, you wrote:

RC> I'm working on a MySQL permissions problem, and would welcome some
RC> suggestions and/or comments, or to be pointed in the right direction.  The
RC> goals I have are:


RC>  a) Limit users to specific db's (no access to mysql.*/etc.)

You can't do this using only MySQL.

RC>  b) Eliminate anony browsing of db's.. and ideally eliminate
RC>     ability to view a complete list of all db's.

If you setup privileges on some database for user, user doesn't have
grants on other databases, but he can see the list of databases using
SHOW DATABASES command.

RC> First, I want to cut down anony privs.. (I honestly don't know what they are
RC> set to be default, so this might not be neccesary.)

RC> ----------------
RC> GRANT usage ON * TO ''@'localhost';
RC> ----------------

Or you can delete anonymous user from the 'user' table in the 'mysql'
database.

RC> Next, we want to assign privileges to individual users on the database, but
RC> make sure they can only access their OWN db's.  For this:

RC> ----------------
RC> GRANT create,delete,drop,index,insert,select,update ON users_db.* to
RC> 'user_name'@'localhost' identified by 'password';
RC> ----------------

RC> Would anyone be able to let me know if this could/should work? (Don't have a
RC> mysql server here to test this w/ at the moment, so your input would be
RC> appreciated.)

Your user 'user_name' has privileges on 'users_db' database that you
give him. You can read about types of privileges at:
     http://www.mysql.com/doc/P/r/Privileges_provided.html

RC> If I'm way off on this, I'd really appreciate any pointers in the right
RC> direction..

RC> Thanks!
RC> Ryan




-- 
For technical support contracts, goto https://order.mysql.com/
This email is sponsored by Ensita.net http://www.ensita.net/
   __  ___     ___ ____  __
  /  |/  /_ __/ __/ __ \/ /    Victoria Reznichenko
 / /|_/ / // /\ \/ /_/ / /__   [EMAIL PROTECTED]
/_/  /_/\_, /___/\___\_\___/   MySQL AB / Ensita.net
       <___/   www.mysql.com




---------------------------------------------------------------------
Before posting, please check:
   http://www.mysql.com/manual.php   (the manual)
   http://lists.mysql.com/           (the list archive)

To request this thread, e-mail <[EMAIL PROTECTED]>
To unsubscribe, e-mail <[EMAIL PROTECTED]>
Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php

Some permissions help

Reply via email to