Rights Management for MySQL

Rights Management for MySQL
1. Basic Principles of authorization
Grant only the minimum permissions that meet the requirements, but be aware of enabling users to authorize other users (with GRANT option)
Host limits for user-set logins
Delete a user without a password
Satisfies the complexity of the password and sets a more complex password
Periodically check the user's permissions and appropriately reclaim the unwanted permissions

2, to the user authorization
Mysql> Grant All on * * to ' root ' @ ' 10.0.5.150 ' identified by ' aixocm ';
mysql> flush Privileges;

Mysql> Grant Select on employees.* to ' User01 ' @ ' 10.0.5.% ' identified by ' aixocm ' with GRANT option;
mysql> flush Privileges;
Show grants for ' user '

Practice: Adjacent two students mutual authorization root user can only from the other's real machine login can do all the operation, and then authorize a user can
The SXJY database select,update the following table and then verifies the correctness of the permission settings


3. View the user's authorization
Mysql> Show grants for ' User01 ' @ ' 10.0.5.150 ';
Mysql> Show grants for ' User01 ' @ ' 10.0.5.% ';
Mysql> Show grants; \ \ View current user's authorization status

mysql> Create user User02;
mysql> create user [email protected] '% ' identified by ' aixocm ';

mysql> drop user User02;

4, check the user's login and permissions situation
mysql> use MySQL;
Mysql> select Host,user,password from user;

5, the user's rights to recover
Mysql> revoke all in employees.* from [email protected];
mysql> revoke Delete on employees.* from [email protected];
mysql> flush Privileges;

This article is from the "Kenasel" blog, make sure to keep this source http://kenasel.blog.51cto.com/10620829/1839516

Rights Management for MySQL