GNU Info

(mysql.info)Privileges options

---

Next: What Privileges Prev: Security Up: Privilege system

---

Enter node , (file) or (file)node

Startup Options for `mysqld' Concerning Security
------------------------------------------------

The following `mysqld' options affect security:

`--safe-show-database'
     With this option, `SHOW DATABASES' returns only those databases
     for which the user has some kind of privilege.

`--safe-user-create'
     If this is enabled, an user can't create new users with the `GRANT'
     command, if the user doesn't have `INSERT' privilege to the
     `mysql.user' table.  If you want to give a user access to just
     create new users with those privileges that the user has right to
     grant, you should give the user the following privilege:

          GRANT INSERT(user) on mysql.user to 'user'h'ostname';

     This will ensure that the user can't change any privilege columns
     directly, but has to use the `GRANT' command to give privileges to
     other users.

`--skip-grant-tables'
     This option causes the server not to use the privilege system at
     all. This gives everyone _full access_ to all databases!  (You can
     tell a running server to start using the grant tables again by
     executing `mysqladmin flush-privileges' or `mysqladmin reload'.)

`--skip-name-resolve'
     Hostnames are not resolved.  All `Host' column values in the grant
     tables must be IP numbers or `localhost'.

`--skip-networking'
     Don't allow TCP/IP connections over the network.  All connections
     to `mysqld' must be made via Unix sockets. This option is
     unsuitable for systems that use MIT-pthreads, because the
     MIT-pthreads package doesn't support Unix sockets.

`--skip-show-database'
     With this option, the `SHOW DATABASES' statement doesn't return
     anything.