MySQL administrators should know how to set up MySQL user accounts: which users can connect to the server, where they can connect from, and what they can do after connecting. MySQL 3.22.11 introduced two statements to make this job easier: the GRANT statement creates a MySQL user and specifies its permissions, and the REVOKE statement removes permissions. The two statements act as a front end to the authorization tables in the mysql database and provide an alternative to manipulating the contents of these tables directly. The GRANT and REVOKE statements affect 4 tables:
Authorization table    Contents
user                   Users who can connect to the server and any global permissions they have
db                     Database-level permissions
tables_priv            Table-level permissions
columns_priv           Column-level permissions
There is also a fifth authorization table (host), but it is not affected by GRANT and REVOKE.
When you issue a GRANT statement to a user, a record is created for that user in the user table. If the statement specifies any global permissions (administrative permissions or permissions that apply to all databases), these are also recorded in the user table. If you specify database, table, and column-level permissions, they are recorded in the db, tables_priv, and columns_priv tables respectively.
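The mapping described above can be checked by granting one privilege at each scope and then reading the four authorization tables. This is an added example, not part of the original article; the database grant_demo, its tables, the audit_* accounts and the passwords are hypothetical, and it assumes a server that still accepts the GRANT ... IDENTIFIED BY form this article describes (MySQL 8.0 requires CREATE USER first).

```sql
-- Added example. All names and passwords below are constructed placeholders.
-- Table- and column-level grants need the target table to exist, so create it.
CREATE DATABASE grant_demo;
CREATE TABLE grant_demo.orders    (id INT PRIMARY KEY, total DECIMAL(10,2));
CREATE TABLE grant_demo.customers (id INT PRIMARY KEY, email VARCHAR(255));

-- Global (administrative) permission: recorded in the user table.
GRANT RELOAD ON *.* TO audit_global@localhost IDENTIFIED BY "placeholder-1";

-- Database-level permissions: recorded in the db table.
GRANT SELECT, INSERT ON grant_demo.* TO audit_db@localhost
    IDENTIFIED BY "placeholder-2";

-- Table-level permission: recorded in the tables_priv table.
GRANT SELECT ON grant_demo.orders TO audit_tbl@localhost
    IDENTIFIED BY "placeholder-3";

-- Column-level permission: recorded in the columns_priv table. The server
-- also keeps a tables_priv row for the table, with Column_priv filled in.
GRANT UPDATE (email) ON grant_demo.customers TO audit_col@localhost
    IDENTIFIED BY "placeholder-4";

-- Audit: every account gets a user row, but the global privilege columns
-- are set only for the account that was granted something ON *.*
SELECT Host, User, Reload_priv, Select_priv, Insert_priv, Update_priv
  FROM mysql.user WHERE User LIKE 'audit\_%';

SELECT Host, Db, User, Select_priv, Insert_priv
  FROM mysql.db WHERE User LIKE 'audit\_%';

SELECT Host, Db, User, Table_name, Table_priv, Column_priv
  FROM mysql.tables_priv WHERE User LIKE 'audit\_%';

SELECT Host, Db, User, Table_name, Column_name, Column_priv
  FROM mysql.columns_priv WHERE User LIKE 'audit\_%';

-- Clean up the demonstration accounts' permissions and objects.
REVOKE RELOAD ON *.* FROM audit_global@localhost;
REVOKE SELECT, INSERT ON grant_demo.* FROM audit_db@localhost;
REVOKE SELECT ON grant_demo.orders FROM audit_tbl@localhost;
REVOKE UPDATE (email) ON grant_demo.customers FROM audit_col@localhost;
DROP DATABASE grant_demo;
```

Running the same four SELECT statements without the WHERE filter is a quick way to review which accounts hold permissions at each scope. REVOKE removes the permissions only; the accounts' rows in the user table remain.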
Using GRANT and REVOKE is easier than modifying the authorization tables directly. However, it is recommended that you read the "MySQL Security Guide". These tables are extremely important, and as an administrator you should understand how they work beyond the level of the GRANT and REVOKE statements.
In the following sections, we will introduce how to set up a MySQL user account and authorize it. We also cover how to revoke permissions and remove users from the authorization tables.
You may also want to consider using the mysqlaccess and mysql_setpermission scripts, which are part of the MySQL distribution. They are Perl scripts that provide an alternative to the GRANT statement for setting up user accounts. mysql_setpermission requires DBI support to be installed.
1. Create a user and authorize
The syntax of the GRANT statement looks like this:
GRANT privileges (columns) ON what TO user IDENTIFIED BY "password" WITH GRANT OPTION
To use this statement, you need to fill in the following sections:
privileges
The privileges granted to the user. The following table lists the permission specifiers available for the GRANT statement:
Permission specifier