Dear Ryan, have a look at the manual:
http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Database_Adm inistration.html#User_Account_Management With the exception of Paul's book on MySQL, you probably won't find a better explanation of the MySQL privilege system. > PLEASE I'M GOING CRAZY trying to figure this out... my book doesn't say > anything about what EXACTLY a user can/can't touch with which privilages Just in short: Put this in my.cnf / my.ini: [mysqld] safe-show-database This will prevent MySQL users to see databases to which they have no access privilege. Starting with MySQL 4.0.5a, this have changed. Now, there is a special privilege "show_database" which is set to "N" by default. safe-show-database will still work, though. > grant select,insert,update,delete,create,drop > on somedb.* to someusr@"%" identified by 'passwrd'; This means, someusr can access the somedb database and all its tables from anywhere (%). someusr can create and drop tables, and might even drop database somedb, but cannot add or drop any other databases. So this should be exactly what you want. If applicable, you may want to restrict the access to something which is not "%", but rather something like "192.168.%" (e. g. intranet users) or even "62.115.92.78" (if your users have a static ip address). HTH! -- Stefan Hinz <[EMAIL PROTECTED]> CEO / Geschäftsleitung iConnect GmbH <http://iConnect.de> Heesestr. 6, 12169 Berlin (Germany) Telefon: +49 30 7970948-0 Fax: +49 30 7970948-3 ----- Original Message ----- From: "Ryan McDougall" <[EMAIL PROTECTED]> To: "mysql" <[EMAIL PROTECTED]> Sent: Sunday, December 08, 2002 6:39 AM Subject: MySQL user privilages > Hey everyone, > > Ok if I issue this command: > > mysql> grant select,insert,update,delete,create,drop > -> on *.* to someusr@"%" identified by 'passwrd'; > > I already know that this statement creates the user someusr w/ password=passwrd > and it can connect from anywhere. What I don't know: Can this user now mess up > the privilage tables? Can this user mess with other users DBs and tables? > > I want to create a normal user for me that can create my own DBs and delete > them if I want (it my stuff anyway ) but I don't want me to be able to see or > do anything to anybody elses stuff. Would I then have to run this command??? > > mysql> grant select,insert,update,delete,create,drop > -> on somedb.* to someusr@"%" identified by 'passwrd'; > > And create this test DB so that this user can have initial privilages on some > DB then that user will be ale to create their own DBs at will?? I just don't > get the whole user aspect of MySQL... I want it to be like a normal *nix user > create their own crap and delete it if they want... but don't touch whats not > theirs! Is this accomplished with either of those commands, if so which one, if > not how do I do that? > > PLEASE I'M GOING CRAZY trying to figure this out... my book doesn't say > anything about what EXACTLY a user can/can't touch with which privilages > > __________________________________________________ > Do you Yahoo!? > Yahoo! Mail Plus - Powerful. Affordable. Sign up now. > http://mailplus.yahoo.com > > --------------------------------------------------------------------- > Before posting, please check: > http://www.mysql.com/manual.php (the manual) > http://lists.mysql.com/ (the list archive) > > To request this thread, e-mail <[EMAIL PROTECTED]> > To unsubscribe, e-mail <[EMAIL PROTECTED]> > Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php > --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php