> Well, just one note: LDAP could also supply mysqld with the
> permissions as the user attributes upon authentication. Btw, that
> is why LDAP or whatever authorization system of choice would be
> an effective solution for scalability.
This is true, although this is much more complex and would basically
involve mirroring the entire privilege hierarchy into LDAP, and I'm not
sure I've heard anyone talk about doing that yet. It would also
probably mean doing the permissions lookups "live" against LDAP, which
would be substantially slower than the current privilege system which is
all in in-memory hash tables.
high performance mysql consulting