How to properly implement the security access data on MySQL?

Question

How to properly implement the security access data on MySQL?

3 Answers

Related questions

0 like 0 dislike

1 answer

How to properly implement many_to_many SQL query?

asked Apr 5, 2019 by skuridin

0 like 0 dislike

1 answer

How in mySQL to find the id number for a string value?

asked May 21, 2019 by lidiya11

0 like 0 dislike

1 answer

How to implement automatic run the stored procedure once in two days in MySQL?

asked Apr 4, 2019 by reZed

0 like 0 dislike

1 answer

How to write data in two tables in MySQL?

asked Apr 13, 2019 by Mr-Governor

0 like 0 dislike

2 answers

MYSQL. How to make the sample more/less in the column where you store the JSON data?

asked Apr 14, 2019 by apple-apple

inheaven · Answer 1 · 2019-03-23T20:31:02+0000

If groups a bit of a growth tendencies, you can be the limiting VIEW and distribute user access there.
\r
The other way is a stored procedure, carefully check all settings. Users are given access to these procedures, and access tables directly is not allowed.
The problem is that in mysql, these things are not fully and ideally implemented.
\r
The third way -"trehdverka". additional server program, which communicate with the client application. She does all validation in the language you prefer.

pwlnw · Answer 2 · 2019-03-23T20:31:02+0000

If groups a bit of a growth tendencies, you can be the limiting VIEW and distribute user access there.
\r
The other way is a stored procedure, carefully check all settings. Users are given access to these procedures, and access tables directly is not allowed.
The problem is that in mysql, these things are not fully and ideally implemented.
\r
The third way -"trehdverka". additional server program, which communicate with the client application. She does all validation in the language you prefer.

inheaven · Answer 3 · 2019-03-23T20:31:02+0000

In MySQL you do not succeed. Without grant on the SELECT CALL fails. In General, there is privilege in the ass done. Example. Make 1 table and one procedure with select from this table. The user is given the grant to execute the procedure. The result: the procedure is not performed since there is no grant SELECT within a procedure. Complete nonsense...
\r
mysql> create database t;
Query OK, 1 row affected (0.00 sec)
\r
mysql> use t
Database changed
mysql> CREATE TABLE `testtable` (
-> `id` int(11) NOT NULL,
-> `name` varchar(255) NOT NULL
-> ) ENGINE=InnoDB DEFAULT CHARSET=latin1;
Query OK, 0 rows affected (0.06 sec)
\r
mysql> DELIMITER $$
mysql> CREATE
-> PROCEDURE testproc ()
-> SQL SECURITY INVOKER
-> BEGIN
-> SELECT * FROM testtable;
-> END$$
Query OK, 0 rows affected (0.00 sec)
\r
mysql> grant usage on t.* to testuser@localhost identified by 'qwe';
Query OK, 0 rows affected (0.01 sec)
mysql> grant execute on procedure t.testproc to testuser@localhost;
Query OK, 0 rows affected (0.01 sec)
mysql> exit
Bye
\r
# mysql-u testuser -p
mysql> use t
Database changed
mysql> select * from testtable;
ERROR 1142 (42000): SELECT command denied to user 'testuser'@'localhost' for table 'testtable'
mysql> call testproc();
ERROR 1142 (42000): SELECT command denied to user 'testuser'@'localhost' for table 'testtable'

How to properly implement the security access data on MySQL?

Please log in or register to add a comment.

Please log in or register to answer this question.

3 Answers

Please log in or register to add a comment.

Please log in or register to add a comment.

Please log in or register to add a comment.

Related questions

Most popular tags