Learning Mysql

Privilege
Global
Database
Table
DROP
✓
✓
✓
EXECUTE
✓
✗
✗
FILE
✓
✗
✗
GRANT OPTION
✗
✗
✗
INDEX
✓
✓
✓
INSERT
✓
✓
✓
LOCK TABLES
✓
✓
✗
PROCESS
✓
✗
✗
RELOAD
✓
✗
✗
REPLICATION CLIENT
✓
✗
✗
REPLICATION SLAVE
✓
✗
✗
SELECT
✓
✓
✓
SHOW DATABASES
✓
✗
✗
SHUTDOWN
✓
✗
✗
SUPER
✓
✗
✗
UPDATE
✓
✓
✓
The GRANT OPTION Privilege
The GRANT OPTION
privilege allows a user to pass on any privileges she has to other users. Consider an example, which we’ve run when connected to the monitor as the root user:
mysql> GRANT ALL ON music TO 'hugh'@'localhost';
Query OK, 0 rows affected (0.00 sec)
mysql> GRANT GRANT OPTION ON music TO 'hugh'@'localhost';
Query OK, 0 rows affected (0.00 sec)
This creates a MySQL user hugh
(with no password) and allows him to pass on his privileges for the music database to other users. Since the GRANT OPTION
is given at the database level (to music, hugh can pass on his privileges on that database, or on any of the tables or columns in that database. GRANT OPTION
always allows a user to pass on his privileges at the level which they’re given, or any lower level, and it also allows him to pass on any future privileges he’s given. We explain this hierarchy more in the next section.
Let’s test our new privilege using the user hugh
. Quit the monitor, and then reconnect as the MySQL user hugh
:
$ mysql --user=hugh
Now, let’s give our privileges to another user:

Download 4.24 Mb.

Share with your friends: