MySQL mistake with grant option
Posted
by
John Tate
on Server Fault
See other posts from Server Fault
or by John Tate
Published on 2013-10-20T08:41:15Z
Indexed on
2013/10/20
9:56 UTC
Read the original article
Hit count: 286
mysql
I am unsure reading the MySQL documentation if creating a user with the GRANT option will give them the power to create users and grant privileges, or change the privileges of other users databases.
I have been creating databases for users like this
CREATE DATABASE user;
USE user;
GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhost' IDENTIFIED BY 'password'
WITH GRANT OPTION;
Is this the best way of doing it or have I just given my users too much control? They are people I am hosting sites for. Thankfully at this point they are trustworthy. I use quotas.
Edit: I have realized I have been granting users access to all databases. This is obviously stupid I should be using this:
GRANT ALL PRIVILEGES ON database.* to 'user'@localhost' IDENTIFIED BY 'password'
What is the simplest way to revoke privileges for every user except root so I can quickly end this catastrophic rookie mistake?
© Server Fault or respective owner