Mysql permission level, mysql permission level

Mysql permission level, mysql permission level
Mysql has five levels of permissions:
Clobal Level, Database Level, Table level, Column Level, and Routine Level.

1. Clobal Level: Global permissions for the entire mysql database server. Permission on a database in mysql or a table in a database. All permission information is stored in the mysql. user table.

Global permission setting statement:

GRANT ALL ON *.* to 'root'@'localhost'

The first * indicates the database name. Here it is all databases, and the second * indicates the table name.
Global permissions include alter routine create all create routine create temporary tables create user create view delete All DROP All execute file All into file index All INSERT All lock tables process All RELOAD All REPLICATION CLIENT SLAVE STATUS REPLICATION SLAVE SELECT SHOW DATABASES SHOW VIEW SHUTDOWN SUPER UPDATE USAGE

2. Database Level: Database-Level permissions. You can use databasename. * To Set permissions. The setting statement is as follows:

GRANT ALL ON databasename.* to 'root'@'localhost'

It will be overwritten by the global level permissions. For example, there are two permission setting statements:

GRANT SELECT on test.* to 'root'@'localhost';REVOKE SELECT ON *.* FROM 'root'@'localhost';

'Root' @ 'localhost' will no longer have the select permission on test.
Database permissions: create user, FILE, PROCESS, RELOAD, replication client, replication slave, show databases, SHUTDOWN, SUPER USAGE

3. Table Level: Table-Level permissions can be overwritten by global and database-Level permissions.

GRANT SELECT ON test.test to 'root'@'localhost';SHOW GRANTS FOR 'root'@'localhost';

You can use to select a database and directly set permissions for the table name.

GRANT SELECT ON test to 'root'@'localhost';

Table permissions include ALTER, CREATE, DELETE, DROP, INDEX, INSERT, select update.

4. Column Level: permission for a Column in a table. It will be overwritten by the first three permissions.

GRANT SELECT(id) ON test to 'root'@'localhost';

Field-level permissions include INSERT, SELECT, and UPDATE.

5. Routine Level: it is the permission for functions and stored procedures. It will be overwritten by 1, 2, and 3 permissions.

GRANT EXECUTE ON test.p to'root'@'localhost';

Briefly describe the steps for creating mysql permission Control

1. mysql checks the permission information in the user permission table, matches the value of the user and host fields, and checks whether the global permission of the request is allowed. If the matching result is found, the operation is permitted, otherwise, proceed to the next step.
2. mysql checks the permission information in the database permission table, matches the user and host fields, and checks whether the requested database-level permissions are allowed. If the matching results are found, the operation is allowed, otherwise, proceed to the next step.
3. mysql checks the permission information in the tables_priv permission table, matches the user and host field values, and checks whether the requested database-level permissions are permitted. If the matching results are found, the operation is permitted, otherwise, proceed to the next step.
4. mysql checks the permission information in the columns_priv permission table, matches the user and host field values, and checks whether the requested database-level permissions are allowed. If a matching result is found, the operation is permitted, otherwise, an error message is returned.

In mysql, how do I set user and administrator permissions?

The MySQL administrator should know how to set up the MySQL user account and specify which user can connect to the server, where to connect, and what to do after the connection. MySQL 3.22.11 introduces two statements to make this work easier: GRANT statements create MySQL users and specify their permissions, while REVOKE statements delete permissions. The two statements assume the front-end role of the MySQL database and provide a different method than directly operating the contents of these tables. The CREATE and REVOKE statements affect four tables: Chinese webmaster site

There are 5th other authorization tables (hosts), but they are not affected by GRANT and REVOKE. Central China webmaster Station

When you issue a GRANT statement to a user, create a record for the user in the user table. If the statement specifies any global permissions (administrative permissions or permissions applicable to all databases), these are also recorded in the user table. If you specify database, table, and column-level permissions, they are recorded in db, tables_priv, and columns_priv tables respectively.

Station. Long SITE

Using GRANT and REVOKE is easier than directly modifying the authorization table. However, read MySQL security guide. These tables are exceptionally important, and as an administrator, you should understand how they go beyond the functional level of GRANT and REVOKE statements.

Station. Long SITE

In the following sections, we will introduce how to set up and authorize a MySQL user account. We also involve how to revoke permissions and delete users from the authorization table. Chinaz

You may also want to use MySQLACCESS and mysql_setpermission scripts, which are part of MySQL distribution. They are Perl scripts and provide another option to set user accounts for GRANT statements. DBI support is required for MySQL_setpermission.

Chinaz.com

1. Create a user and authorize Chinaz.com

The syntax of the GRANT statement looks like this:

Reference content is as follows:
GRANT privileges (columns)
ON what
TO user identified by "password"
WITH GRANT OPTION

Www.Chinaz.com

To use this statement, you must enter the following parts:

China site. Long SITE

Privileges Webmaster. Site

The following table lists the permissions that can be used for GRANT statements:

China site. Long SITE

The table above shows that the permission specifiers in the first group apply to databases, tables, and columns, and the second group manages permissions. Generally, these are relatively strictly authorized because they allow users to affect server operations. The third group has special permissions. "ALL" means "ALL Permissions", and "UASGE" means "no Permissions", that is, creating users, but not granting permissions. Www ^ Chinaz ^ com

Columns

China webmaster site

The permission column is optional, and you can only set specific permissions for the column. If the command has more than one column, separate them with commas.

Chinese Webmaster. Station

What

Webmaster. Station

Permission usage level. Permissions Can be global (applicable to all databases and tables), specific databases (applicable to all tables in a database), or specific tables. You can specify a columns statement to indicate that the permission is column-specific. Www @ Chinaz @ com

User: Chinese webmaster _ station, providing motivation for Chinese Websites

The user authorized by the permission, which consists of a user name and host name. In MySQL, you not only specify who can connect, but also where to connect. This allows two users with the same name to connect from different places. MySQL allows you to differentiate them and grant them permissions independently.

China webmaster site

One user name in MySQL is your connection server... the remaining full text>