深入MySQL的权限系统(1)
MySQL有一套先进的但非标准的安全/授权系统,掌握其授权机制是开始操作MySQL数据库必须要走的第一步,对于一个熟悉SQL基本操作的人来说,也是MySQL所有的知识中比较难以理解的一个部分。本节通过揭开其授权系统的运作机制,希望大家能够可以更好地操作和使用
MySQL有一套先进的但非标准的安全/授权系统,掌握其授权机制是开始操作MySQL数据库必须要走的第一步,对于一个熟悉SQL基本操作的人来说,也是MySQL所有的知识中比较难以理解的一个部分。本节通过揭开其授权系统的运作机制,希望大家能够可以更好地操作和使用这个优秀的数据库系统。
MySQL的安全系统是很灵活的,它允许你以多种不同方式设置用户权限。一般地,你可使用标准的SQL语句GRANT和REVOKE语句做,他们为你修改控制客户访问的授权表,然而,你可能由一个不支持这些语句的老版本的MySQL(在3.22.11之前这些语句不起作用),或者你发觉用户权限看起来不是以你想要的方式工作。对于这种情况,了解MySQL授权表的结构和服务器如何利用它们决定访问权限是有帮助的,这样的了解允许你通过直接修改授权表增加、删除或修改用户权限,它也允许你在检查这些表时诊断权限问题。
MySQL授权表的结构
通过网络连接服务器的客户对MySQL数据库的访问由授权表内容来控制。这些表位于mysql数据库中,并在第一次安装MySQL的过程中初始化(运行mysql_install_db脚本)。授权表共有5个表:user、db、host、tables_priv和columns_priv。
授权表user、db和host的结构和作用
表1 授权表user、db和host的结构
授权表的内容有如下用途:
·user表
user表列出可以连接服务器的用户及其口令,并且它指定他们有哪种全局(超级用户)权限。在user表启用的任何权限均是全局权限,并适用于所有数据库。例如,如果你启用了DELETE权限,在这里列出的用户可以从任何表中删除记录,所以在你这样做之前要认真考虑。
·db表
db表列出数据库,而用户有权限访问它们。在这里指定的权限适用于一个数据库中的所有表。
·host表
host表与db表结合使用在一个较好层次上控制特定主机对数据库的访问权限,这可能比单独使用db好些。这个表不受GRANT和REVOKE语句的影响,所以,你可能发觉你根本不是用它。
授权表tables_priv和columns_priv的结构和作用
表2 授权表tables_priv和columns_priv的结构
|
授权表tables_priv |
授权表columns_priv |
|
作用域列 |
|
|
Host |
Host |
|
Db |
Db |
|
User |
User |
|
Table_name |
Table_name |
|
|
Column_name |
|
权限列 |
|
|
Table_priv |
Column_priv |
|
其他列 |
|
|
Timestamp |
Timestamp |
|
Grantor |
|
MySQL没有rows_priv表,因为它不提供记录级权限,例如,你不能限制用户于表中包含特定列值的行。如果你确实需要这种能力,你必须用应用编程来提供。如果你想执行建议的记录级锁定,你可用GET_LOCK()函数做到。
授权表的内容有如下用途:
·tables_priv表
tables_priv表指定表级权限,在这里指定的一个权限适用于一个表的所有列。
·columns_priv表
columns_priv表指定列级权限。这里指定的权限适用于一个表的特定列。
tables_priv和columns_priv表在MySQL 3.22.11版引进(与GRANT语句同时)。如果你有较早版本的MySQL,你的mysql数据库将只有user、db和host表。如果你从老版本升级到3.22.11或更新,而没有tables_priv和columns_priv表,运行mysql_fix_privileges_tables脚本创建它们。
用户的权限
权限信息用user、db、host、tables_priv和columns_priv表被存储在mysql数据库中(即在名为mysql的数据库中)。在MySQL启动时和在7.5权限修改何时生效所说的情况时,服务器读入这些数据库表内容。
数据库和表的权限
下列权限运用于数据库和表上的操作。
·SELECT
允许你使用SELECT语句从表中检索数据。SELECT语句只有在他们真正从一个表中检索行是才需要select权限,你可以执行某个SELECT语句,甚至没有任何到服务器上的数据库里的存取任何东西的许可。例如,你可使用mysql客户作为一个简单的计算器:
mysql> SELECT 1+1;
mysql> SELECT PI()*2;
·UPDATE
允许你修改表中的已有的记录。
·INSERT
允许在表中插入记录
·DELETE
允许你从表中删除现有记录。
·ALTER
允许你使用ALTER TABLE语句,这其实是一个简单的第一级权限,你必须由其他权限,这看你想对数据库实施什么操作。
·CREATE
允许你创建数据库和表,但不允许创建索引。
·DROP
允许你删除(抛弃)数据库和表,但不允许删除索引。
注意:如果你将mysql数据库的drop权限授予一个用户,该用户能抛弃存储了MySQL存取权限的数据库!
·INDEX
允许你创建并删除索引。
·REFERENCES
目前不用。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1386
52
MySQL: Simple Concepts for Easy Learning
Apr 10, 2025 am 09:29 AM
MySQL is an open source relational database management system. 1) Create database and tables: Use the CREATEDATABASE and CREATETABLE commands. 2) Basic operations: INSERT, UPDATE, DELETE and SELECT. 3) Advanced operations: JOIN, subquery and transaction processing. 4) Debugging skills: Check syntax, data type and permissions. 5) Optimization suggestions: Use indexes, avoid SELECT* and use transactions.
How to open phpmyadmin
Apr 10, 2025 pm 10:51 PM
You can open phpMyAdmin through the following steps: 1. Log in to the website control panel; 2. Find and click the phpMyAdmin icon; 3. Enter MySQL credentials; 4. Click "Login".
MySQL: An Introduction to the World's Most Popular Database
Apr 12, 2025 am 12:18 AM
MySQL is an open source relational database management system, mainly used to store and retrieve data quickly and reliably. Its working principle includes client requests, query resolution, execution of queries and return results. Examples of usage include creating tables, inserting and querying data, and advanced features such as JOIN operations. Common errors involve SQL syntax, data types, and permissions, and optimization suggestions include the use of indexes, optimized queries, and partitioning of tables.
Why Use MySQL? Benefits and Advantages
Apr 12, 2025 am 12:17 AM
MySQL is chosen for its performance, reliability, ease of use, and community support. 1.MySQL provides efficient data storage and retrieval functions, supporting multiple data types and advanced query operations. 2. Adopt client-server architecture and multiple storage engines to support transaction and query optimization. 3. Easy to use, supports a variety of operating systems and programming languages. 4. Have strong community support and provide rich resources and solutions.
How to use single threaded redis
Apr 10, 2025 pm 07:12 PM
Redis uses a single threaded architecture to provide high performance, simplicity, and consistency. It utilizes I/O multiplexing, event loops, non-blocking I/O, and shared memory to improve concurrency, but with limitations of concurrency limitations, single point of failure, and unsuitable for write-intensive workloads.
MySQL and SQL: Essential Skills for Developers
Apr 10, 2025 am 09:30 AM
MySQL and SQL are essential skills for developers. 1.MySQL is an open source relational database management system, and SQL is the standard language used to manage and operate databases. 2.MySQL supports multiple storage engines through efficient data storage and retrieval functions, and SQL completes complex data operations through simple statements. 3. Examples of usage include basic queries and advanced queries, such as filtering and sorting by condition. 4. Common errors include syntax errors and performance issues, which can be optimized by checking SQL statements and using EXPLAIN commands. 5. Performance optimization techniques include using indexes, avoiding full table scanning, optimizing JOIN operations and improving code readability.
MySQL's Place: Databases and Programming
Apr 13, 2025 am 12:18 AM
MySQL's position in databases and programming is very important. It is an open source relational database management system that is widely used in various application scenarios. 1) MySQL provides efficient data storage, organization and retrieval functions, supporting Web, mobile and enterprise-level systems. 2) It uses a client-server architecture, supports multiple storage engines and index optimization. 3) Basic usages include creating tables and inserting data, and advanced usages involve multi-table JOINs and complex queries. 4) Frequently asked questions such as SQL syntax errors and performance issues can be debugged through the EXPLAIN command and slow query log. 5) Performance optimization methods include rational use of indexes, optimized query and use of caches. Best practices include using transactions and PreparedStatemen
Monitor Redis Droplet with Redis Exporter Service
Apr 10, 2025 pm 01:36 PM
Effective monitoring of Redis databases is critical to maintaining optimal performance, identifying potential bottlenecks, and ensuring overall system reliability. Redis Exporter Service is a powerful utility designed to monitor Redis databases using Prometheus. This tutorial will guide you through the complete setup and configuration of Redis Exporter Service, ensuring you seamlessly build monitoring solutions. By studying this tutorial, you will achieve fully operational monitoring settings
