When I talk about troubleshooting I like to repeat: "Don't grant
database access to everybody!" This can sound a bit weird having
one can give very limited read-only access.
But only if ignore the fact what even minimal privileges in MySQL allows to change session variables, including those which control server resources. My favorite example is "Kill MySQL server with join_buffer_size". But before version 5.7 I could only recommend this, but not demonstrate. Now, with help of memory summary tables in Performance Schema, I can show how unprivileged user can let your server to use great amount of swap.
At first lets …