MySQL Forums
Forum List  »  Security

Database Permissions, deny for one User one Database
Posted by: Daniel Beer
Date: August 15, 2013 09:50AM

Hello,

i have a question about security / user right handling at my MySQL Server 5.5.


i know that for mysql the database mysql exists. there are tables like "db" or "user".

i know that user is the table for granted or revoked permissions (a.e. DROP Priv = Y, SELECT Priv = Y, and so on).
but on the table db i can define such things like Host '%', database_name 'new_database', DROP_PRIV 'N'.

My Problem here is now, that, if i set the DROP Privilege of an user "custom" in the table user of mysql to "Y", and define in the table "db" that this user should *NOT* have the DROP Privilege to drop "test", i'm still able to drop the database or tables with the user "custom".
why is that? is there an order like "if in the user table is the privilege given, it cannot be revoked for single databases for one user"?

would be glad for help.

and sorry for my bad english ^^

best regards,
Daniel



Edited 1 time(s). Last edit at 08/15/2013 09:51AM by Daniel Beer.

Options: ReplyQuote


Subject
Views
Written By
Posted
Database Permissions, deny for one User one Database
2899
August 15, 2013 09:50AM


Sorry, you can't reply to this topic. It has been closed.

Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.