Hi! On Oct 01, Plesk Support wrote:
> Any user in mysql can create as many databases as he wants. > Create a user with 1 database, and let him create database with name > "my_data_base". Log into mysql console as user and run command: > > CREATE DATABASE "my?data?base"; > > New database will be created and user can create tables and use it as normal > database. You can also create "my?data_base", "my_data?base", or try > to use *,$, #, a-z, A-Z.... and other symbols instead of underlines "_" ... > > I've just tried to log into MySQL console as usual non-privileged user with > N,N,N,N... permissions in "mysql.user" and tried to create some base with > another names -- no permissons error. However I COULD create 5 databases > with names similar to "my_data_base"... I can operate them (as this > user) without > problems. Seems like huge hole in our MySQL (or MySQL at all). No, it is not. As noted in the manual ("Access Control, Stage 2: Request Verification" section), mysql.db and mysql.host tables accept wildcards in Db and Host fields of either table. We will add a note to GRANT section to make it more clear, thank you for the hint. Regards, Sergei -- MySQL Development Team __ ___ ___ ____ __ / |/ /_ __/ __/ __ \/ / Sergei Golubchik <[EMAIL PROTECTED]> / /|_/ / // /\ \/ /_/ / /__ MySQL AB, http://www.mysql.com/ /_/ /_/\_, /___/\___\_\___/ Osnabrueck, Germany <___/ --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php