Rights Management
#authorization actions can only be done by the root user!! SetGlobalvalidate_password_policy=0;setGlobalValidate_password_length=1;#Security settings issue, check this: http://www.jb51.net/article/95399.htmCreate an account:#Local accountCreate user'Egon'@'localhost'Identified by'1234';#mysql-uegon-p123 #Remote AccountCreate user'Egon'@'192.168.31.10'Identified by'1234';#mysql-uegon-p123-h service-side IP #allow all machines in a network segment to log inCreate user'Egon'@'192.168.31.%'Identified by'1234'; #let all the ping-through machines be able to log inCreate user'Egon'@'%'Identified by'1234'; authorization level User:*.*DB:DB1 All tables for all libraries.*for all tables in the DB1 library TABLE_PRIV:DB1.T1 open permissions on a table Columns_priv:id,name open permission authorization method for a field#User Level SELECT * from MYSQL.USER\G; can view authorization status #AuthorizedGrant SELECT On *. *; Authorize select Grant Select on all tables for all libraries*. * To'Egon'@'localhost'; Grant all on*. * To'Egon'@'localhost'; Permissions granted to all tables under all libraries (all does not contain grant permissions)#Revoke PermissionsRevoke SELECT On *. * from 'Egon'@'localhost'; #db Level select * from MYSQL.DB\G; can view authorization status #AuthorizedGrant Selcect on db1.* to'Egon'@'localhost'; #Revoke PermissionsRevoke Select on db1.* from 'Egon'@'localhost'; #Table select * from mysql.tables_priv\g; View authorization status #AuthorizedGrant SELECT on Db1.t2 to'Egon'@'localhost'; #Revoke PermissionsRevoke Select on Db1.t2 from 'Egon'@'localhost'; #Field Level #AuthorizedGrant Select (id,name), update (age) on Db1.t2 to'Egon'@'localhost';#view of fields, update permissions for fields #Revoke PermissionsRevoke Select (id,name), update (age) fromDb1.t2 to'Egon'@'localhost';
MySQL four-2: Rights Management