List:General Discussion« Previous MessageNext Message »
From:Paul DuBois Date:January 12 2000 10:34pm
Subject:How WITH GRANT OPTION is supposed to work
View as plain text  
There's been some discussion the last couple of days about what a user
should be able to do if you grant privileges to that user and specify
the WITH GRANT OPTION clause on the GRANT statement.

The discussion started with the observation that such users where then
able to change the passwords for other user when they shouldn't have
been able to, and that's been acknowledged as a bug that will be fixed.
But in hopes of clearing up the way that GRANT *should* work, here
are some comments.

1) The GRANT privilege is *not* just a global privilege.  It can be granted
globally if you specify ON *.* in the GRANT statement, but it need not
be.  All the grant tables have a slot for recording whether or not GRANT
is enabled, except the columns_priv table.

2) The intent of non-global GRANT is that you can GRANT privileges to
a user, and then that user can then administer the privileges he himself
possesses.  For instance, you can grant privileges over a database to
a user with the WITH GRANT OPTION so that that user can administrate who
can use the database.

3) Even if you have the GRANT privilege, you cannot grant privileges that
you do not have yourself.

4) If you have the GRANT privilege, you cannot set or change the
password of other users unless you have INSERT or UPDATE privileges on the
user table.  (This is where the bug was - insufficient checking of this
condition.)

-- 
Paul DuBois, paul@stripped
Thread
Any user with 'grant' privilege can change root's password in 3.22.27?Viktor Fougstedt10 Jan
  • Re: Any user with 'grant' privilege can change root's password in 3.22.27?sinisa10 Jan
    • Re: Any user with 'grant' privilege can change root's password in3.22.27?Viktor Fougstedt10 Jan
      • Re: Any user with 'grant' privilege can change root's password in3.22.27?Viktor Fougstedt10 Jan
        • Re: Any user with 'grant' privilege can change root's password in3.22.27?sinisa10 Jan
          • Re: Any user with 'grant' privilege can change root's password in3.22.27?Viktor Fougstedt10 Jan
            • Re: Any user with 'grant' privilege can change root's password in3.22.27?sinisa10 Jan
          • Re: Any user with 'grant' privilege can change root's password in3.22.27?Viktor Fougstedt10 Jan
            • Re: Any user with 'grant' privilege can change root's password in3.22.27?sinisa10 Jan
              • Re: Any user with 'grant' privilege can change root's password in 3.22.27?Benjamin Pflugmann10 Jan
                • Re: Any user with 'grant' privilege can change root's password in 3.22.27?Michael Widenius11 Jan
              • How WITH GRANT OPTION is supposed to workPaul DuBois13 Jan
              • How WITH GRANT OPTION is supposed to workPaul DuBois13 Jan
          • Re: Any user with 'grant' privilege can change root's password in 3.22.27?Van11 Jan
            • Re: Any user with 'grant' privilege can change root's password in 3.22.27?Michael Widenius11 Jan
          • Any Ideas on a Release Date for 3.23.10?Van16 Jan
            • Re: Any Ideas on a Release Date for 3.23.10?sinisa16 Jan
              • Re: Any Ideas on a Release Date for 3.23.10?Dylan Neild17 Jan
                • Re: Any Ideas on a Release Date for 3.23.10?Van17 Jan
              • Re: Any Ideas on a Release Date for 3.23.10?Paul DuBois17 Jan
                • Re: Any Ideas on a Release Date for 3.23.10?Michael Widenius26 Jan
        • tool set for C programmersJuan Manuel Doren10 Jan
        • Re: Any user with 'grant' privilege can change root's password in3.22.27?Michael Widenius10 Jan
      • Re: Any user with 'grant' privilege can change root's password in3.22.27?sinisa10 Jan
        • RE: Any user with 'grant' privilege can change root's password in3.22.27?Robert Goff10 Jan
          • RE: Any user with 'grant' privilege can change root's password in3.22.27?sinisa10 Jan
            • RE: Any user with 'grant' privilege can change root's passwordin3.22.27?Viktor Fougstedt10 Jan
              • RE: Any user with 'grant' privilege can change root's passwordin3.22.27?sinisa10 Jan
                • RE: Any user with 'grant' privilege can change root's passwordin3.22.27?Viktor Fougstedt10 Jan
                • RE: Any user with 'grant' privilege can change root's passwordin3.22.27?Viktor Fougstedt11 Jan
            • RE: Any user with 'grant' privilege can change root's password in3.22.27?Michael Widenius11 Jan