Copyright (C) 2000-2012 |
GNU Info (mysql.info)Privileges optionsStartup Options for `mysqld' Concerning Security ------------------------------------------------ The following `mysqld' options affect security: `--safe-show-database' With this option, `SHOW DATABASES' returns only those databases for which the user has some kind of privilege. `--safe-user-create' If this is enabled, an user can't create new users with the `GRANT' command, if the user doesn't have `INSERT' privilege to the `mysql.user' table. If you want to give a user access to just create new users with those privileges that the user has right to grant, you should give the user the following privilege: GRANT INSERT(user) on mysql.user to 'user'h'ostname'; This will ensure that the user can't change any privilege columns directly, but has to use the `GRANT' command to give privileges to other users. `--skip-grant-tables' This option causes the server not to use the privilege system at all. This gives everyone _full access_ to all databases! (You can tell a running server to start using the grant tables again by executing `mysqladmin flush-privileges' or `mysqladmin reload'.) `--skip-name-resolve' Hostnames are not resolved. All `Host' column values in the grant tables must be IP numbers or `localhost'. `--skip-networking' Don't allow TCP/IP connections over the network. All connections to `mysqld' must be made via Unix sockets. This option is unsuitable for systems that use MIT-pthreads, because the MIT-pthreads package doesn't support Unix sockets. `--skip-show-database' With this option, the `SHOW DATABASES' statement doesn't return anything. automatically generated by info2www version 1.2.2.9 |