Home |  MySQL Buzz |  FAQ |  Feeds |  Submit your blog feed |  Feedback |  Archive |  Aggregate feed RSS 2.0 English Deutsch Español Français Italiano 日本語 Русский Português 中文
Showing entries 1 to 2

Displaying posts with tag: show grants (reset)

My Two Cents on MySQL Password Security
+1 Vote Up -1Vote Down

Lenz Grimmer recently wrote two blogs about password security on MySQL. Both are worth reading in detail. You’ll find them in Basic MySQL Security: Providing passwords on the command line and More on MySQL password security.

Although I wrote a comment on the latter one, there is one point I thought was worth its own blog.

GRANT … IDENTIFIED BY PASSWORD…

You can work around having to specify the password in the open following these steps:

  • Use a local or non-public instance (for example using MySQL Sandbox) to define the user / password combination you need:
    CREATE USER 'name'@'host' IDENTIFIED BY 'secret';
  •   [Read more...]
    Creative SQL: How to Easily SHOW GRANTS for Many Users
    +0 Vote Up -0Vote Down

    Scenario: Someone wants to know which of the over 50 MySQL users have certain privileges.

    There are many ways to solve this problem. Some of these scenarios are tedious and repetitious, others take no time at all.

    The issue, of course, lies in what the “certain” privileges are. If it is “who has the SUPER privilege?” then a simple

    SELECT user,host FROM mysql.user WHERE Super_priv='Y';

    is sufficient. If it is “who has write access to the foo database”, you might write:

    SELECT user,host FROM db WHERE Db='foo' AND Select_priv='Y';

    but that only shows who explicitly has read permissions on that database; it does not include those who have global read permissions. The full query would be:
    (more…)

    Showing entries 1 to 2

    Planet MySQL © 1995, 2014, Oracle Corporation and/or its affiliates   Legal Policies | Your Privacy Rights | Terms of Use

    Content reproduced on this site is the property of the respective copyright holders. It is not reviewed in advance by Oracle and does not necessarily represent the opinion of Oracle or any other party.