List:General Discussion« Previous MessageNext Message »
From:doug Date:July 31 2011 6:21pm
Subject:Re: granting file privileges
View as plain text  
Got it - thank you, I did not think about the meaning of file except as it 
relates to MySQL. Re syntax - thanks.

On Sun, 31 Jul 2011, Claudio Nanni wrote:

> Hi Doug,
>
> 1.FILE is GLOBAL because it refers to the ability of the user to read/write
> files on the server host filesystem (where the filesystem permissions
> allow).
> 2.
>  1) user@localhost   OK, not recommended
>  2) 'user@localhost'  WRONG
>  3) 'user'@'localhost'  OK, BEST
>
> single quotes prevent any problem in case of special characters in the host
> name.
>
> Cheers!
>
> Claudio
>
>
> 2011/7/31 <doug@stripped>
>
>> I have both a theory question and a question on implementation of
>> privileges. First theory. I have been using:
>>
>>   grant all privileges on db-name.* to user@localhost
>>      identified by 'password';
>>
>> Because I blunder about as root I never was impacted by 'file' being a
>> global permission. As 'load infile' seems (to me) to be equivalant to
>> 'insert' I do not see the reason for this. If its just a historical thing,
>> so be it, but IMO it makes little sense that a user could create and/or
>> delete a table but to import data he is required to convert a csv file to
>> 'insert value' statements.
>>
>> My implementation question is about specifying the user. Apparently the
>> following are different:
>>
>>   1) user@localhost
>>   2) 'user@localhost'
>>   3) 'user'@'localhost'
>>
>> I have not tested all this, but I did grant file privileges to #1 but could
>> not use them logging into with 'mysql -u doug@localhost sysadmin' ('doug'
>> being setup without a password).
>>
>> The question is which form should be used and why are they different as all
>> are accepted without error and all add entries for the users and db tables.
>>
>>
>> _____
>> Douglas Denault
>> http://www.safeport.com
>> doug@stripped
>> Voice: 301-217-9220
>>  Fax: 301-217-9277
>>
>> --
>> MySQL General Mailing List
>> For list archives: http://lists.mysql.com/mysql
>> To unsubscribe:    http://lists.mysql.com/mysql?**
>> unsub=claudio.nanni@stripped<http://lists.mysql.com/mysql?unsub=1
>>
>>
>
>
> -- 
> Claudio
>

_____
Douglas Denault
http://www.safeport.com
doug@stripped
Voice: 301-217-9220
   Fax: 301-217-9277
Thread
granting file privilegesdoug31 Jul
  • Re: granting file privilegesClaudio Nanni31 Jul
    • Re: granting file privilegesdoug31 Jul