MySQL Forums
Forum List  »  Newbie

Creating new SQL users from guest account?
Posted by: Frederik Lotter
Date: October 18, 2009 05:23PM

Hi,

I am trying to design a simple web page which has some level of security maintained by the SQL backend.

Currently my plan (I am still new to SQL) is to have a "guest" SQL user who can create other users.

I want my default web interface allow people to "register" and then log in using the newly created user name.

However, I am not sure how this maps into mySQL. It seems that an unprivileged "guest" will not be able to create users with different permissions (understandably).

I want to only allow the guest user "CREATE USER" privilege and nothing else for security reasons. However, I cannot see how I can create a new user with different privileges (e.g. with ability to create a new SCHEMA).

This must be a common problem which already has a solution? Any ideas will be appreciated.

I originally thought of allowing the "Guest" user to execute a PROCEDURE which creates the user (which I was hoping runs under root privileges). It turns out this is a dead end as the PROCEDURE cannot pass user and password information to the CREATE USER/ GRANT SQL commands.... :(

http://bugs.mysql.com/bug.php?id=28406http://bugs.mysql.com/bug.php?id=28406

Help please!

:)

Fred



Edited 1 time(s). Last edit at 10/19/2009 08:09AM by Frederik Lotter.

Options: ReplyQuote


Subject
Written By
Posted
Creating new SQL users from guest account?
October 18, 2009 05:23PM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.