mysql access control
The foundation of MySQL server security is: users should have appropriate access rights to the data they need, neither more nor less. In other words, users cannot have too much access to too much data.
Consider the following:
1. Most users only need to read and write tables, but a few users even need to be able to create and delete tables;
2. Some users need to read tables, but may not need to update table;
3. You may want to allow users to add data, but not allow them to delete data;
4. Some users (administrators) may need permission to handle user accounts, but most users do not;
5. You may want to let users access data through stored procedures, but not allow them to access data directly;
6. You may want to restrict access to certain features based on where the user is logged in.
These are just examples, but they help illustrate the important fact that you need to give your users the access they need, and only the access they need. This is called access control, and managing access control requires creating and managing user accounts.
Using MySQL Administrator MySQL Administrator provides a graphical user interface that can be used to manage users and account permissions. MySQL Administrator internally uses the statements introduced in this chapter to enable you to interactively and conveniently manage access control.
We know that in order to perform database operations, you need to log in to MySQL. MySQL creates a user account named root, which has complete control of the entire MySQL server. You may have logged in as root throughout the chapters in this book, which is good when experimenting with MySQL on non-realistic databases. But in real-world day-to-day work, root should never be used. A series of accounts should be created, some for management, some for users, some for developers, etc.
Preventing Unintentional Errors It’s important to note that the purpose of access control is not just to protect against malicious intent by users. Data nightmares are more commonly the result of unintentional mistakes, such as mistyping MySQL statements, operating in an inappropriate database, or some other user error. Access control helps avoid these situations by ensuring that users cannot execute statements they should not execute.
Don’t use root The use of root login should be taken seriously. Only use it when absolutely necessary (perhaps when you can't log into other administrative accounts). Root should not be used in daily MySQL operations.
【Related recommendations】
2. MySQL character set and collation order usage tutorial
3. Introduction to MySQL character set and collation order
4. mysql 5.5 installation Detailed graphic and text explanation
5. Example detailed explanation of the use tutorial of join operation in Mysql
The above is the detailed content of Several points to note about mysql access control. For more information, please follow other related articles on the PHP Chinese website!