The meaning of database permissions:
In order to ensure that the business data in the database is not illegally stolen by unauthorized users, various restrictions need to be imposed on the visitors to the database, and DatabaseSecurity There are three main types of security control measures. The first is user identity authentication, which can be password, magnetic card, fingerprint and other technologies. Only people with legal identities can enter the database. The second type of access permission control. Different roles have different access permissions to the database. The database object and permissions they access must be set for each role. The third type is to formulate a management system for database management. The system ultimately restrictspeople'sbehavior. By formulating corresponding rules and regulations, it can ensure that the data is processed by the right people at the right time. Proper operation.
mysqlThe check of user permissions is divided into two stages
1. Whether a link can be established with the mysql server
2. Whether there are certain Operation permissions (such as: select update, etc.)
1. Establish a link with the mysql server
How does the mysql server verify whether the user can establish Link
1. Verify where you come from host
2. Who are you user
3. Password password
How to link to mysql: C:\Users\PC003>mysql -h192.168.6.223 -uroot -pjalja
Parameter explanation: -h: Where to establish the link
-u: user
-p:Password
mysql> select user,host,password from user; +------+-----------+-------------------------------------------+ | user | host | password | +------+-----------+-------------------------------------------+ | root | localhost | *CFAFE434FB0E5D64538901E668E1EACD077A54DF | | root | % | *CFAFE434FB0E5D64538901E668E1EACD077A54DF | +------+-----------+-------------------------------------------+
host=localhost indicates that the default host can be used for linking (C:\Users\PC003>mysql -uroot -pjalja, C:\Users\PC003>mysql -hlocalhost -uroot -pjalja, C:\Users\PC003>mysql -h127.0.0.1 -uroot -pjalja)
host=% means that the server can be connected to the same local area network (public network) where it is located ). This method is not safe in a production environment.
host=192.168.6.224 means that the server can only establish links with the 192.168.6.224 host C:\Users\PC003>mysql -h192. 168.6.223 -uroot -pjalja
How to modify host:
mysql> update user set host='192.168.6.223' where user ='root'
mysql> flush privileges; refresh permissions (because the modified data is in memory each time the user operates Permission-related operations must be refreshed)
Change password:
mysql> update user set password=password('111111') where user='root'; mysql> flush privileges;
2. How to check permissions in mysql
mysql There is a mysql library in the library. The user table under the library checks whether the user exists, the db table checks what operating permissions the user has on which libraries, and the tables_priv table checks what operating permissions the user has on those tables.
Create user and authorize:
grant [Permission 1, Permission 2] on *.* to user@'host' identfied by 'password';
Common permissions: all, create, drop, insert, delete, update, select
For example: grant the ls user all permissions to all databases and all tables and can log in from any host in this LAN segment.
mysql> grant all on *.* to 'ls'@'192.168.6.%' identified by '111111';
Use this user to log in: C:\Users\PC003>mysql -h192.168.6.223 -uls -p111111;
View the specific permissions of the ls user:
mysql> select * from mysql.user where user='ls' \G; *************************** 1. row *************************** Host: 192.168.6.% User: ls Password: *FD571203974BA9AFE270FE62151AE967ECA5E0AA Select_priv: Y Insert_priv: Y Update_priv: Y Delete_priv: Y Create_priv: Y Drop_priv: Y Reload_priv: Y Shutdown_priv: Y Process_priv: Y File_priv: Y Grant_priv: N References_priv: Y Index_priv: Y Alter_priv: Y Show_db_priv: Y Super_priv: Y Create_tmp_table_priv: Y Lock_tables_priv: Y Execute_priv: Y Repl_slave_priv: Y Repl_client_priv: Y Create_view_priv: Y Show_view_priv: Y Create_routine_priv: Y Alter_routine_priv: Y Create_user_priv: Y Event_priv: Y Trigger_priv: Y Create_tablespace_priv: Y ssl_type: ssl_cipher: x509_issuer: x509_subject: max_questions: 0 max_updates: 0 max_connections: 0 max_user_connections: 0 plugin: authentication_string: NULL
Permission recovery: revoke all permissions of ls
mysql> revoke all on *.* from ls@'192.168.6.%';
Authorize someone Library permissions:
mysql> grant all on blog.* to ls@'192.168.6.%'; Grant the ls user all permissions to the blog database.
In this way, the ls user has no permissions in the user table. At this time, a db-level permission check will be performed.
mysql> select * from mysql.db where user='ls' \G;*************************** 1. row *************************** Host: 192.168.6.% Db: blog User: ls Select_priv: Y Insert_priv: Y Update_priv: Y Delete_priv: Y Create_priv: Y Drop_priv: Y Grant_priv: N References_priv: Y Index_priv: Y Alter_priv: Y Create_tmp_table_priv: Y Lock_tables_priv: Y Create_view_priv: Y Show_view_priv: Y Create_routine_priv: Y Alter_routine_priv: Y Execute_priv: Y Event_priv: Y Trigger_priv: Y
Recover all permissions of the ls user and grant permissions to a certain table: Grant the ls user crud permissions of the user table in the blog library
mysql> revoke all on *.* from ls@'192.168.6.%'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec) mysql> grant insert,update,select,delete on blog.user to ls@'192.168.6.%'; Query OK, 0 rows affected (0.00 sec) mysql> flush privileges; Query OK, 0 rows affected (0.00 sec)
In this way, the ls user does not have permissions at the db level. At this time, the permissions check at the tables_priv level will be performed:
mysql> select * from mysql.tables_priv where user='ls' \G;*************************** 1. row *************************** Host: 192.168.6.% Db: blog User: ls Table_name: user Grantor: root@localhost Timestamp: 2017-02-09 14:35:38 Table_priv: Select,Insert,Update,DeleteColumn_priv:1 row in set (0.00 sec)
mysql permission control Process:
#Note: MySQL's permission check can be accurate to a certain column of data.
The above is the detailed content of Detailed explanation of permission management in mysql learning. For more information, please follow other related articles on the PHP Chinese website!

本篇文章给大家带来了关于mysql的相关知识,其中主要介绍了关于架构原理的相关内容,MySQL Server架构自顶向下大致可以分网络连接层、服务层、存储引擎层和系统文件层,下面一起来看一下,希望对大家有帮助。

在mysql中,可以利用char()和REPLACE()函数来替换换行符;REPLACE()函数可以用新字符串替换列中的换行符,而换行符可使用“char(13)”来表示,语法为“replace(字段名,char(13),'新字符串') ”。

方法:1、利用right函数,语法为“update 表名 set 指定字段 = right(指定字段, length(指定字段)-1)...”;2、利用substring函数,语法为“select substring(指定字段,2)..”。

mysql的msi与zip版本的区别:1、zip包含的安装程序是一种主动安装,而msi包含的是被installer所用的安装文件以提交请求的方式安装;2、zip是一种数据压缩和文档存储的文件格式,msi是微软格式的安装包。

转换方法:1、利用cast函数,语法“select * from 表名 order by cast(字段名 as SIGNED)”;2、利用“select * from 表名 order by CONVERT(字段名,SIGNED)”语句。

本篇文章给大家带来了关于mysql的相关知识,其中主要介绍了关于MySQL复制技术的相关问题,包括了异步复制、半同步复制等等内容,下面一起来看一下,希望对大家有帮助。

本篇文章给大家带来了关于mysql的相关知识,其中主要介绍了mysql高级篇的一些问题,包括了索引是什么、索引底层实现等等问题,下面一起来看一下,希望对大家有帮助。

在mysql中,可以利用REGEXP运算符判断数据是否是数字类型,语法为“String REGEXP '[^0-9.]'”;该运算符是正则表达式的缩写,若数据字符中含有数字时,返回的结果是true,反之返回的结果是false。


Hot AI Tools

Undresser.AI Undress
AI-powered app for creating realistic nude photos

AI Clothes Remover
Online AI tool for removing clothes from photos.

Undress AI Tool
Undress images for free

Clothoff.io
AI clothes remover

AI Hentai Generator
Generate AI Hentai for free.

Hot Article

Hot Tools

SublimeText3 Mac version
God-level code editing software (SublimeText3)

Dreamweaver CS6
Visual web development tools

ZendStudio 13.5.1 Mac
Powerful PHP integrated development environment

Safe Exam Browser
Safe Exam Browser is a secure browser environment for taking online exams securely. This software turns any computer into a secure workstation. It controls access to any utility and prevents students from using unauthorized resources.

PhpStorm Mac version
The latest (2018.2.1) professional PHP integrated development tool
