MySQL mistake with grant option
- by John Tate
I am unsure reading the MySQL documentation if creating a user with the GRANT option will give them the power to create users and grant privileges, or change the privileges of other users databases.
I have been creating databases for users like this
CREATE DATABASE user;
USE user;
GRANT ALL PRIVILEGES ON *.* TO 'user'@'localhost' IDENTIFIED BY 'password'
WITH GRANT OPTION;
Is this the best way of doing it or have I just given my users too much control? They are people I am hosting sites for. Thankfully at this point they are trustworthy. I use quotas.
Edit: I have realized I have been granting users access to all databases. This is obviously stupid I should be using this:
GRANT ALL PRIVILEGES ON database.* to 'user'@localhost' IDENTIFIED BY 'password'
What is the simplest way to revoke privileges for every user except root so I can quickly end this catastrophic rookie mistake?