you definitely should not be
able to do that.
---
Tom Crimmins
Interface Specialist
Pottawattamie County, Iowa
-Original Message-
From: Joshua J. Kugler
Sent: Tuesday, January 11, 2005 1:09 AM
To: mysql@lists.mysql.com
Subject: Re: GRANT can't grant with a password?
Right, I understand
Yes, I hadn't thought of that. But at the same time, the way it's presently
set up, you *can,* and must, create a user with no password. That doesn't
seem very safe either.
j- k-
On Tuesday 11 January 2005 05:17, Tom Crimmins said something like:
[snip]
It seems that the GRANT
Right, I understand that, but then *why* can a user create another user, with
all the priveleges they have, but with now password. That seems like a great
security hole. It seems that the GRANT syntax should allow the setting of a
password upon account creation without requiring access to the
Hello.
As said at:
http://dev.mysql.com/doc/mysql/en/SET_PASSWORD.html
Only clients with access to mysql database can set passwords for
other accounts.
Joshua J. Kugler [EMAIL PROTECTED] wrote:
I've read the sections on GRANT's and permissions, and done some googling,
and
I've read the sections on GRANT's and permissions, and done some googling, and
still haven't found what I'm looking for.
I have a user that has USAGE and GRANT global privs and all privs and GRANT on
database rubric.
However, when they try to run this query:
GRANT SELECT, INSERT, UPDATE,