> > 3) What about preventing user from seeing other users data?
>> Answer is not so easy like it seems to be.
>
>I thought my idea would solve that problem. Only the mysql user has access
>to the databases, and users only have access to their databases when they
>authenticate. Their databases would be in their directory. Sort of a
>chroot or jail for the databases.
>
>> Running mysqld for every user is not an option at all. For 3-5 users
>> maybe it is possible, maybe you can run up to 8 mysqld, but regular
>> hosting server can have hundreds of users.
>
>I agree. This is the problem.
>
>> So using 1 mysqld with several user DB means mysqld has access to all
>> this DB. Currently this means you never want to give users File_priv and
>> you lose functionality. - No LOAD DATA INFILE...., no SELECT INTO
>> OUTFILE ...
>> The problem is that User with File_Priv can read any file on server
>> readable by mysqld !!
>
>Right.
This isn't really a MySQL-specific problem. For example, if multiple
virtual domains are supported by the same Apache process, and each
domain has a user who can install cgi-bin scripts, those scripts all
run with the uid/gid of the Apache server. Any given user can write a
script to access any file that any other user's scripts use. ISPs don't
like to advertise this, but it's true. suEXEC offers some relief, but
that's expensive.
