Shulou(Shulou.com)05/31 Report--

This article mainly explains "how to solve the problem that mysql deletes a user and then creates a new user that still has the original permissions." interested friends may wish to have a look. The method introduced in this paper is simple, fast and practical. Let's let the editor take you to learn "how to solve the problem that mysql deletes a user and then creates a new user that still has the original permissions".

So if you need to reduce permissions, you need to delete the original user and then create a new user!

Also, after re-establishing the user (grant select,update on *. * to 'aa'@'%' identified by' aa';), it is found that delete and insert data can still be obtained.

This is because in addition to controlling permissions in the user table, the db table also controls permissions on the database. You need to delete the corresponding data in it and then flush privileges it!

[@ more@]

User questions:

It is found that the user is first established according to the following statement:

Mysql > grant all privileges on *. * to 'aa'@'%' identified by' aa'

Query OK, 0 rows affected (0.00 sec)

Mysql > select * from mysql.user where user = 'aa' G

* * 1. Row *

Host:%

User: aa

Password: * DEE59C300700AF9B586F9F2A702231C0AC373A13

Select_priv: Y

Insert_priv: Y

Update_priv: Y

Delete_priv: Y

Create_priv: Y

Drop_priv: Y

Reload_priv: Y

Shutdown_priv: Y

Process_priv: Y

File_priv: Y

Grant_priv: N

References_priv: Y

Index_priv: Y

Alter_priv: Y

Show_db_priv: Y

Super_priv: Y

Create_tmp_table_priv: Y

Lock_tables_priv: Y

Execute_priv: Y

Repl_slave_priv: Y

Repl_client_priv: Y

Create_view_priv: Y

Show_view_priv: Y

Create_routine_priv: Y

Alter_routine_priv: Y

Create_user_priv: Y

Ssl_type:

Ssl_cipher:

X509_issuer:

X509_subject:

Max_questions: 0

Max_updates: 0

Max_connections: 0

Max_user_connections: 0

1 row in set (0.00 sec)

Then:

Mysql > grant select,update on *. * to 'aa'@'%' identified by' aa'

Query OK, 0 rows affected (0.00 sec)

Mysql > select * from mysql.user where user = 'aa' G

* * 1. Row *

Host:%

User: aa

Password: * DEE59C300700AF9B586F9F2A702231C0AC373A13

Select_priv: Y

Insert_priv: Y

Update_priv: Y

Delete_priv: Y

Create_priv: Y

Drop_priv: Y

Reload_priv: Y

Shutdown_priv: Y

Process_priv: Y

File_priv: Y

Grant_priv: N

References_priv: Y

Index_priv: Y

Alter_priv: Y

Show_db_priv: Y

Super_priv: Y

Create_tmp_table_priv: Y

Lock_tables_priv: Y

Execute_priv: Y

Repl_slave_priv: Y

Repl_client_priv: Y

Create_view_priv: Y

Show_view_priv: Y

Create_routine_priv: Y

Alter_routine_priv: Y

Create_user_priv: Y

Ssl_type:

Ssl_cipher:

X509_issuer:

X509_subject:

Max_questions: 0

Max_updates: 0

Max_connections: 0

Max_user_connections: 0

1 row in set (0.00 sec)

It is found that the permissions have not changed.

Is it possible that the new addition is to add permissions on the basis of the previous permissions?

Create a new user to see:

Mysql > grant select,update on *. * to 'bb'@'%' identified by' bb'

Query OK, 0 rows affected (0.00 sec)

Mysql > select * from mysql.user where user = 'bb' G

* * 1. Row *

Host:%

User: bb

Password: * E72B08C841E005B05BD564FA1C18CAFFB9FEF5FC

Select_priv: Y

Insert_priv: N

Update_priv: Y

Delete_priv: N

Create_priv: N

Drop_priv: N

Reload_priv: N

Shutdown_priv: N

Process_priv: N

File_priv: N

Grant_priv: N

References_priv: N

Index_priv: N

Alter_priv: N

Show_db_priv: N

Super_priv: N

Create_tmp_table_priv: N

Lock_tables_priv: N

Execute_priv: N

Repl_slave_priv: N

Repl_client_priv: N

Create_view_priv: N

Show_view_priv: N

Create_routine_priv: N

Alter_routine_priv: N

Create_user_priv: N

Ssl_type:

Ssl_cipher:

X509_issuer:

X509_subject:

Max_questions: 0

Max_updates: 0

Max_connections: 0

Max_user_connections: 0

1 row in set (0.00 sec)

Mysql > grant delete,insert on *. * to 'bb'@'%' identified by' bb'

Query OK, 0 rows affected (0.00 sec)

Mysql >

Mysql > select * from mysql.user where user = 'bb' G

* * 1. Row *

Host:%

User: bb

Password: * E72B08C841E005B05BD564FA1C18CAFFB9FEF5FC

Select_priv: Y

Insert_priv: Y

Update_priv: Y

Delete_priv: Y

Create_priv: N

Drop_priv: N

Reload_priv: N

Shutdown_priv: N

Process_priv: N

File_priv: N

Grant_priv: N

References_priv: N

Index_priv: N

Alter_priv: N

Show_db_priv: N

Super_priv: N

Create_tmp_table_priv: N

Lock_tables_priv: N

Execute_priv: N

Repl_slave_priv: N

Repl_client_priv: N

Create_view_priv: N

Show_view_priv: N

Create_routine_priv: N

Alter_routine_priv: N

Create_user_priv: N

Ssl_type:

Ssl_cipher:

X509_issuer:

X509_subject:

Max_questions: 0

Max_updates: 0

Max_connections: 0

Max_user_connections: 0

1 row in set (0.00 sec)

As can be seen from the above, it is a superposition of permissions.

So if you need to reduce permissions, you need to delete the original user and then create a new user!

Also, after re-establishing the user (grant select,update on *. * to 'aa'@'%' identified by' aa';), it is found that delete and insert data can still be obtained.

This is because in addition to controlling permissions in the user table, the db table also controls permissions on the database. You need to delete the corresponding data in it and then flush privileges it!

At this point, I believe you have a deeper understanding of "how to solve the problem that mysql deletes the user and then the new user still has the original permissions". You might as well do it in practice. Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.