From: doug Date: July 31 2011 6:21pm Subject: Re: granting file privileges List-Archive: http://lists.mysql.com/mysql/225450 Message-Id: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Got it - thank you, I did not think about the meaning of file except as it relates to MySQL. Re syntax - thanks. On Sun, 31 Jul 2011, Claudio Nanni wrote: > Hi Doug, > > 1.FILE is GLOBAL because it refers to the ability of the user to read/write > files on the server host filesystem (where the filesystem permissions > allow). > 2. > 1) user@localhost OK, not recommended > 2) 'user@localhost' WRONG > 3) 'user'@'localhost' OK, BEST > > single quotes prevent any problem in case of special characters in the host > name. > > Cheers! > > Claudio > > > 2011/7/31 > >> I have both a theory question and a question on implementation of >> privileges. First theory. I have been using: >> >> grant all privileges on db-name.* to user@localhost >> identified by 'password'; >> >> Because I blunder about as root I never was impacted by 'file' being a >> global permission. As 'load infile' seems (to me) to be equivalant to >> 'insert' I do not see the reason for this. If its just a historical thing, >> so be it, but IMO it makes little sense that a user could create and/or >> delete a table but to import data he is required to convert a csv file to >> 'insert value' statements. >> >> My implementation question is about specifying the user. Apparently the >> following are different: >> >> 1) user@localhost >> 2) 'user@localhost' >> 3) 'user'@'localhost' >> >> I have not tested all this, but I did grant file privileges to #1 but could >> not use them logging into with 'mysql -u doug@localhost sysadmin' ('doug' >> being setup without a password). >> >> The question is which form should be used and why are they different as all >> are accepted without error and all add entries for the users and db tables. >> >> >> _____ >> Douglas Denault >> http://www.safeport.com >> doug@stripped >> Voice: 301-217-9220 >> Fax: 301-217-9277 >> >> -- >> MySQL General Mailing List >> For list archives: http://lists.mysql.com/mysql >> To unsubscribe: http://lists.mysql.com/mysql?** >> unsub=claudio.nanni@stripped >> >> > > > -- > Claudio > _____ Douglas Denault http://www.safeport.com doug@stripped Voice: 301-217-9220 Fax: 301-217-9277