=============================================== Bug report -- MySQL v4.05a, binary distribution ===============================================
-------------- Machine specs: -------------- Compaq Presario desktop Windows XP Professional SP1 .NET Framework SP2 -------------------- Problem description: -------------------- The security features of MySQL do not seem to work with Embedded MySQL. Instead, every user is given full permissions. ------------- Setup script: ------------- USE mysql DELETE FROM user WHERE user=''; DELETE FROM user WHERE user='root' AND host!='localhost'; USE test CREATE TABLE mytable (a int); GRANT SELECT ON mytable TO joe@localhost; GRANT USAGE ON mytable TO jay@localhost; FLUSH PRIVILEGES; ------------------ Observed behavior: ------------------ Running the mysql.exe client, anonymous users cannot connect to the database, user 'joe' has read-only access to the table test.mytable, and user 'jay' as no privileges. Running the mysql-server.exe host, all users have full privileges. Additionally, the GRANT statement in mysql-server.exe returns error 1047 ("Unknown command"). --------------- Possible cause: --------------- The function acl_init() which loads the ACL's for each user on startup, includes a parameter, dont_read_acl_tables, that can be set to true to skip this step. The purpose of this parameter according to the comments is to support the --skip-grant command-line option. However, the mysql_server_init() function hard-codes this parameter value to 1, so the ACL's never get loaded and every access succeeds. ----------------------- My contact information: ----------------------- Matt Solnit <[EMAIL PROTECTED]> --------------------------------------------------------------------- Before posting, please check: http://www.mysql.com/manual.php (the manual) http://lists.mysql.com/ (the list archive) To request this thread, e-mail <[EMAIL PROTECTED]> To unsubscribe, e-mail <[EMAIL PROTECTED]> Trouble unsubscribing? Try: http://lists.mysql.com/php/unsubscribe.php