Here are three security tasks I handled, which I'm happy to say were easily solved with common_schema's views and routines (with no prior planning). Two are so easy, that I actually now integrated them into common_schema 1.3:
- Duplicate a user (create new user with same privileges as another's)
- Find users with identical set of grants (same roles)
- Finding redundant users (users who only have privileges on non-existing objects); I was approached on this by Sheeri K. Cabral from Mozilla.
How would you duplicate a grantee? That's easy! Just get the SHOW GRANTS output, then do text search and replace: replace the existing account (e.g. 'existing'@'localhost') with the new account (e.g.[Read more...]