Hello,

i have a question about security / user right handling at my MySQL Server 5.5.


i know that for mysql the database mysql exists. there are tables like "db" or "user".

i know that user is the table for granted or revoked permissions (a.e. DROP Priv = Y, SELECT Priv = Y, and so on).
but on the table db i can define such things like Host '%', database_name 'new_database', DROP_PRIV 'N'.

My Problem here is now, that, if i set the DROP Privilege of an user "custom" in the table user of mysql to "Y", and define in the table "db" that this user should *NOT* have the DROP Privilege to drop "test", i'm still able to drop the database or tables with the user "custom".
why is that? is there an order like "if in the user table is the privilege given, it cannot be revoked for single databases for one user"?

would be glad for help.

and sorry for my bad english ^^

best regards,
Daniel



Edited 1 time(s). Last edit at 08/15/2013 09:51AM by Daniel Beer.