Caron, Thursday, August 01, 2002, 7:48:40 PM, you wrote: C> Yes, but when I create a user with any other grants, it generates C> automatically this "grant usage on *.*":
mysql> use Liste_MP3; C> Reading table information for completion of table and column names C> You can turn off this feature to get a quicker startup with -A C> Database changed mysql> grant select on Liste_MP3.* to usernew@localhost identified by C> "password"; C> Query OK, 0 rows affected (0.01 sec) mysql> show grants for usernew@localhost; C> +--------------------------------------------------------------------------- C> ---- C> --------+ C> | Grants for usernew@localhost C> | C> +--------------------------------------------------------------------------- C> ---- C> --------+ C> | GRANT USAGE ON *.* TO 'usernew'@'localhost' IDENTIFIED BY PASSWORD C> '0c2993b965 C> 2e3c06' | C> | GRANT SELECT ON Liste_MP3.* TO 'usernew'@'localhost' C> | C> +--------------------------------------------------------------------------- C> ---- C> --------+ C> 2 rows in set (0.00 sec) C> It's a new user I never entered before, and still, it generates this usage C> on *.*... Because you gave permissions only on the specific database, not on all databases. MySQL has four levels of privileges: global level, database level, table level and column level. The output of SHOW GRANTS means that 'usernew' has no global privileges (USAGE) and has SELECT privilege on the database 'Liste_MP3'. C> Thanks! C> -----Original Message----- C> From: Victoria Reznichenko [mailto:[EMAIL PROTECTED]] C> Sent: 1 août, 2002 11:32 C> To: [EMAIL PROTECTED] C> Subject: Re: permissions questions... C> Caron, C> Thursday, August 01, 2002, 5:34:16 PM, you wrote: C>> mysql> show grants for nouveau@localhost; C>> Ceoen> +--------------------------------------------------------------------------- C>> ------------+ C>> | Grants for nouveau@localhost | C>> Ceoen> +--------------------------------------------------------------------------- C>> ------------+ C>> | GRANT USAGE ON *.* TO 'nouveau'@'localhost' IDENTIFIED BY PASSWORD C>> '4be6641910d7bc1b' | C>> Ceoen> +--------------------------------------------------------------------------- C>> ------------+ C>> 1 row in set (0.00 sec) C>> mysql> revoke usage on *.* from nouveau@localhost; C>> Query OK, 0 rows affected (0.00 sec) C>> Is there a way to get rid of that? Ceoen> :-) Ceoen> Yes, give to user 'nouveau' any privileges except USAGE. Ceoen> USAGE is a synonim for 'no privileges'. C>> Is there a way to create a user by giving access to only one database, C>> without giving him the permission to "mysqlshow --user=[thisuser] C>> --password=[thispassword]" and retrieve all database names? He should see C>> only the name of his database...? C> Yes, start mysqld with --safe-show-database option. And since 4.0.2 C> there is a SHOW DATABASES privilege. -- For technical support contracts, goto https://order.mysql.com/?ref=ensita This email is sponsored by Ensita.net http://www.ensita.net/ __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Victoria Reznichenko / /|_/ / // /\ \/ /_/ / /__ [EMAIL PROTECTED] /_/ /_/\_, /___/\___\_\___/ MySQL AB / Ensita.net <___/ www.mysql.com --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php
