Privilege Necessary for USE <database> Statement
Which privilege (in MySQL 5.1) is minimally necessary for enabling the equivalent of the USE database statement, which in PHP for MySQL is the mysql_select_db() function?
I don't want any privilege that provides more actions on a database, such as creation or dropping.
I have a separate (segregated) database from the mysql db with user table provided by MySQL during its setup, which is a database (assume the name = 'university_department_records_and_info') with an 'authorized_users' table.
So for the purposes of getting access to that db and table, I have created two user accounts (which are of course in the 'user' table of the 'mysql' database):
1. unpriv_guest: this password-requiring account is supposed to grant the MINIMUM privilege just for selecting (USE) the 'univer..' database, and reading the 'authorized_users' table to check username/password login info.
2. priv_guest: If the check is true in 1 (authenticated/logged in), then the connection (new mysql_connect() in PHP) is "elevated" with the ability of the authorized user to select/update/insert table records in database 'univer....', using PHP functions, of course. User priv_guest must have all grant options that enable such table operations, and of course the ability to select the database by the equivalent of MySQL statements in PHP.
Does anyone have an idea of the appropriate system grants for each of these two user accounts?
As far as I can tell, if a given DB user has any privilege on a given database, then he can "use" it; if not, then it will fail with an error.
"Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
~ Terry Pratchett in Nation
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Tags for this Thread