Hi Michael, you raised an interesting question.
I created a new account (testroot) I gave him all privileges - except the GRANT privilege. GRANT ALL ON *.* TO 'testroot'@'%' IDENTIFIED BY 'xxx'; mysql> show grants for testroot; +----------------------------------------------------------------------------------------------------------------------+ | Grants for [EMAIL PROTECTED] | +----------------------------------------------------------------------------------------------------------------------+ | GRANT ALL PRIVILEGES ON *.* TO 'testroot'@'%' IDENTIFIED BY PASSWORD '*70d5f00b26968dc1967b0679b54b2e2d0479c55c96c1' | +----------------------------------------------------------------------------------------------------------------------+ This is what I got when trying to revoke the mysql database privileges: mysql> REVOKE ALL ON mysql.* FROM testroot; ERROR 1141: There is no such grant defined for user 'testroot' on host '%' So this means that by default those users cant access the mysql privilege database anyway (which makes sense to me). Above is just a sample. Its probably not exactly what you are after, but I think the point about the privilege database becomes clearer. For other databases I believe you have to define one at a time, which allows you to set it up exactly to your needs. Hope that helps. Best regards Nils Valentin Tokyo/Japan 2003年 6月 26日 木曜日 07:25、Paul DuBois さんは書きました: > At 18:02 -0400 6/25/03, michael young wrote: > >Hi, > > I am creating a small web based program for users to access > >the data in the datbases. New databases will be added in later. I > >want to create a user to access these databases with certain rights, > >not all rights. Will I have to grant this user right to each > >database as I add them in or is there a way to give this user rights > >to all databases (EXCEPT for mysql DB) including DB's I'll add > >later. Other than the mysql database there is no database on this > >server that this user should be elcluded from. What is the best way > >to handle this? > > Grant the user privileges for each database. There is no syntax for > "all except". > > >Thanks, > > Michael > > -- > Paul DuBois, Senior Technical Writer > Madison, Wisconsin, USA > MySQL AB, www.mysql.com > > Are you MySQL certified? http://www.mysql.com/certification/ -- --- Valentin Nils Internet Technology E-Mail: [EMAIL PROTECTED] URL: http://www.knowd.co.jp Personal URL: http://www.knowd.co.jp/staff/nils -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]