MySQL权限篇之GRANT OPTION
2016-03-28 11:23
549 查看
GRANT OPTION,用户被授予了某个权限,那么默认情况下,该用户是不能把这个权限授予给其他人的。
但是可以使用WITH GRANT OPTION这个子句来让该用户可以将权限再授予给其他人。比如:
mysql> grant update on cms.t_account to 'ut01'@'%' with grant option;
Query OK, 0 rows affected (0.06 sec)
mysql> show grants for 'ut01'@'%';
+---------------------------------------------------------------------------+
| Grants for ut01@% |
+---------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT UPDATE ON `cms`.`t_account` TO 'ut01'@'%' WITH GRANT OPTION |
+---------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql>
但是除了使用该子句指定之外,还是通过直接授予GRANT OPTION权限来达到这个效果。比如:
D:\temp>mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.7.11-log MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show grants for 'ut01'@'%';
+----------------------------------+
| Grants for ut01@% |
+----------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
+----------------------------------+
1 row in set (0.00 sec)
mysql> grant select on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.07 sec)
mysql> show grants for 'ut01'@'%';
+-----------------------------------------------+
| Grants for ut01@% |
+-----------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' |
+-----------------------------------------------+
2 rows in set (0.00 sec)
mysql> grant delete on cms.t_account to 'ut01'@'%';
Query OK, 0 rows affected (0.01 sec)
mysql> show grants for 'ut01'@'%';
+-------------------------------------------------+
| Grants for ut01@% |
+-------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' |
+-------------------------------------------------+
3 rows in set (0.00 sec)
mysql> grant grant option on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.06 sec)
mysql> show grants for 'ut01'@'%';
+-----------------------------------------------------------------+
| Grants for ut01@% |
+-----------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' WITH GRANT OPTION | #在test.t_area对象上的select权限,自动具有了with grant option属性
+-----------------------------------------------------------------+
3 rows in set (0.00 sec)
mysql> grant insert on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.08 sec)
mysql> show grants for 'ut01'@'%';
+-------------------------------------------------------------------------+
| Grants for ut01@% |
+-------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT, INSERT ON `test`.`t_area` TO 'ut01'@'%' WITH GRANT OPTION | #虽然insert是后面加上的,但是同样具有了grant option属性,因为其权限范围也是test.t_area
+-------------------------------------------------------------------------+
3 rows in set (0.00 sec)
mysql>
但是可以使用WITH GRANT OPTION这个子句来让该用户可以将权限再授予给其他人。比如:
mysql> grant update on cms.t_account to 'ut01'@'%' with grant option;
Query OK, 0 rows affected (0.06 sec)
mysql> show grants for 'ut01'@'%';
+---------------------------------------------------------------------------+
| Grants for ut01@% |
+---------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT UPDATE ON `cms`.`t_account` TO 'ut01'@'%' WITH GRANT OPTION |
+---------------------------------------------------------------------------+
2 rows in set (0.00 sec)
mysql>
但是除了使用该子句指定之外,还是通过直接授予GRANT OPTION权限来达到这个效果。比如:
D:\temp>mysql
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 12
Server version: 5.7.11-log MySQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show grants for 'ut01'@'%';
+----------------------------------+
| Grants for ut01@% |
+----------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
+----------------------------------+
1 row in set (0.00 sec)
mysql> grant select on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.07 sec)
mysql> show grants for 'ut01'@'%';
+-----------------------------------------------+
| Grants for ut01@% |
+-----------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' |
+-----------------------------------------------+
2 rows in set (0.00 sec)
mysql> grant delete on cms.t_account to 'ut01'@'%';
Query OK, 0 rows affected (0.01 sec)
mysql> show grants for 'ut01'@'%';
+-------------------------------------------------+
| Grants for ut01@% |
+-------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' |
+-------------------------------------------------+
3 rows in set (0.00 sec)
mysql> grant grant option on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.06 sec)
mysql> show grants for 'ut01'@'%';
+-----------------------------------------------------------------+
| Grants for ut01@% |
+-----------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT ON `test`.`t_area` TO 'ut01'@'%' WITH GRANT OPTION | #在test.t_area对象上的select权限,自动具有了with grant option属性
+-----------------------------------------------------------------+
3 rows in set (0.00 sec)
mysql> grant insert on test.t_area to 'ut01'@'%';
Query OK, 0 rows affected (0.08 sec)
mysql> show grants for 'ut01'@'%';
+-------------------------------------------------------------------------+
| Grants for ut01@% |
+-------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'ut01'@'%' |
| GRANT DELETE ON `cms`.`t_account` TO 'ut01'@'%' |
| GRANT SELECT, INSERT ON `test`.`t_area` TO 'ut01'@'%' WITH GRANT OPTION | #虽然insert是后面加上的,但是同样具有了grant option属性,因为其权限范围也是test.t_area
+-------------------------------------------------------------------------+
3 rows in set (0.00 sec)
mysql>
相关文章推荐
- MySQLNonTransientConnectionException: No operations allowed after connection closed.
- 【转载南非蚂蚁】MYSQL企业常用架构与调优经验分享
- PLSQL Developer连接远程Oracle数据库
- Pholcus初探
- SQL SERVER 中 GO 的用法2
- SQL SERVER 中 GO 的用法
- SQL SERVER中架构的理解
- Option '--debug-info' used, but is disabled/mysqlslap --debuginfo被禁止
- [go] database/sql包执行生成的SQL语句,遇到Incorrect Integer错误
- 高性能Mysql主从架构的复制原理及配置详解
- 解决PLSQL Developer 插入中文 乱码问题
- django 修改models后 sqlite3 中不存在相应的表
- SQL Server存储过程Return、output参数及使用技巧
- Mac下用OracleSQLDeveloper连接Windows虚拟机的Oracle数据库
- Mac下用OracleSQLDeveloper连接Windows虚拟机的Oracle数据库
- CentOS下编写shell脚本来监控MySQL主从复制
- MySQL权限篇之DROP
- MySQL数据库维护、备份、和复制
- ABAP调优——Open SQL优化
- mysql企业常用架构和调优