深入MySQL的权限系统(1)
MySQL有一套先进的但非标准的安全/授权系统,掌握其授权机制是开始操作MySQL数据库必须要走的第一步,对于一个熟悉SQL基本操作的人来说,也是MySQL所有的知识中比较难以理解的一个部分。本节通过揭开其授权系统的运作机制,希望大家能够可以更好地操作和使用
MySQL有一套先进的但非标准的安全/授权系统,掌握其授权机制是开始操作MySQL数据库必须要走的第一步,对于一个熟悉SQL基本操作的人来说,也是MySQL所有的知识中比较难以理解的一个部分。本节通过揭开其授权系统的运作机制,希望大家能够可以更好地操作和使用这个优秀的数据库系统。
MySQL的安全系统是很灵活的,它允许你以多种不同方式设置用户权限。一般地,你可使用标准的SQL语句GRANT和REVOKE语句做,他们为你修改控制客户访问的授权表,然而,你可能由一个不支持这些语句的老版本的MySQL(在3.22.11之前这些语句不起作用),或者你发觉用户权限看起来不是以你想要的方式工作。对于这种情况,了解MySQL授权表的结构和服务器如何利用它们决定访问权限是有帮助的,这样的了解允许你通过直接修改授权表增加、删除或修改用户权限,它也允许你在检查这些表时诊断权限问题。
MySQL授权表的结构
通过网络连接服务器的客户对MySQL数据库的访问由授权表内容来控制。这些表位于mysql数据库中,并在第一次安装MySQL的过程中初始化(运行mysql_install_db脚本)。授权表共有5个表:user、db、host、tables_priv和columns_priv。
授权表user、db和host的结构和作用
表1 授权表user、db和host的结构
授权表的内容有如下用途:
·user表
user表列出可以连接服务器的用户及其口令,并且它指定他们有哪种全局(超级用户)权限。在user表启用的任何权限均是全局权限,并适用于所有数据库。例如,如果你启用了DELETE权限,在这里列出的用户可以从任何表中删除记录,所以在你这样做之前要认真考虑。
·db表
db表列出数据库,而用户有权限访问它们。在这里指定的权限适用于一个数据库中的所有表。
·host表
host表与db表结合使用在一个较好层次上控制特定主机对数据库的访问权限,这可能比单独使用db好些。这个表不受GRANT和REVOKE语句的影响,所以,你可能发觉你根本不是用它。
授权表tables_priv和columns_priv的结构和作用
表2 授权表tables_priv和columns_priv的结构
|
授权表tables_priv |
授权表columns_priv |
|
作用域列 |
|
|
Host |
Host |
|
Db |
Db |
|
User |
User |
|
Table_name |
Table_name |
|
|
Column_name |
|
权限列 |
|
|
Table_priv |
Column_priv |
|
其他列 |
|
|
Timestamp |
Timestamp |
|
Grantor |
|
MySQL没有rows_priv表,因为它不提供记录级权限,例如,你不能限制用户于表中包含特定列值的行。如果你确实需要这种能力,你必须用应用编程来提供。如果你想执行建议的记录级锁定,你可用GET_LOCK()函数做到。
授权表的内容有如下用途:
·tables_priv表
tables_priv表指定表级权限,在这里指定的一个权限适用于一个表的所有列。
·columns_priv表
columns_priv表指定列级权限。这里指定的权限适用于一个表的特定列。
tables_priv和columns_priv表在MySQL 3.22.11版引进(与GRANT语句同时)。如果你有较早版本的MySQL,你的mysql数据库将只有user、db和host表。如果你从老版本升级到3.22.11或更新,而没有tables_priv和columns_priv表,运行mysql_fix_privileges_tables脚本创建它们。
用户的权限
权限信息用user、db、host、tables_priv和columns_priv表被存储在mysql数据库中(即在名为mysql的数据库中)。在MySQL启动时和在7.5权限修改何时生效所说的情况时,服务器读入这些数据库表内容。
数据库和表的权限
下列权限运用于数据库和表上的操作。
·SELECT
允许你使用SELECT语句从表中检索数据。SELECT语句只有在他们真正从一个表中检索行是才需要select权限,你可以执行某个SELECT语句,甚至没有任何到服务器上的数据库里的存取任何东西的许可。例如,你可使用mysql客户作为一个简单的计算器:
mysql> SELECT 1+1;
mysql> SELECT PI()*2;
·UPDATE
允许你修改表中的已有的记录。
·INSERT
允许在表中插入记录
·DELETE
允许你从表中删除现有记录。
·ALTER
允许你使用ALTER TABLE语句,这其实是一个简单的第一级权限,你必须由其他权限,这看你想对数据库实施什么操作。
·CREATE
允许你创建数据库和表,但不允许创建索引。
·DROP
允许你删除(抛弃)数据库和表,但不允许删除索引。
注意:如果你将mysql数据库的drop权限授予一个用户,该用户能抛弃存储了MySQL存取权限的数据库!
·INDEX
允许你创建并删除索引。
·REFERENCES
目前不用。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
MySQL: An Introduction to the World's Most Popular Database
Apr 12, 2025 am 12:18 AM
MySQL is an open source relational database management system, mainly used to store and retrieve data quickly and reliably. Its working principle includes client requests, query resolution, execution of queries and return results. Examples of usage include creating tables, inserting and querying data, and advanced features such as JOIN operations. Common errors involve SQL syntax, data types, and permissions, and optimization suggestions include the use of indexes, optimized queries, and partitioning of tables.
MySQL's Place: Databases and Programming
Apr 13, 2025 am 12:18 AM
MySQL's position in databases and programming is very important. It is an open source relational database management system that is widely used in various application scenarios. 1) MySQL provides efficient data storage, organization and retrieval functions, supporting Web, mobile and enterprise-level systems. 2) It uses a client-server architecture, supports multiple storage engines and index optimization. 3) Basic usages include creating tables and inserting data, and advanced usages involve multi-table JOINs and complex queries. 4) Frequently asked questions such as SQL syntax errors and performance issues can be debugged through the EXPLAIN command and slow query log. 5) Performance optimization methods include rational use of indexes, optimized query and use of caches. Best practices include using transactions and PreparedStatemen
Why Use MySQL? Benefits and Advantages
Apr 12, 2025 am 12:17 AM
MySQL is chosen for its performance, reliability, ease of use, and community support. 1.MySQL provides efficient data storage and retrieval functions, supporting multiple data types and advanced query operations. 2. Adopt client-server architecture and multiple storage engines to support transaction and query optimization. 3. Easy to use, supports a variety of operating systems and programming languages. 4. Have strong community support and provide rich resources and solutions.
How to connect to the database of apache
Apr 13, 2025 pm 01:03 PM
Apache connects to a database requires the following steps: Install the database driver. Configure the web.xml file to create a connection pool. Create a JDBC data source and specify the connection settings. Use the JDBC API to access the database from Java code, including getting connections, creating statements, binding parameters, executing queries or updates, and processing results.
How to start mysql by docker
Apr 15, 2025 pm 12:09 PM
The process of starting MySQL in Docker consists of the following steps: Pull the MySQL image to create and start the container, set the root user password, and map the port verification connection Create the database and the user grants all permissions to the database
MySQL's Role: Databases in Web Applications
Apr 17, 2025 am 12:23 AM
The main role of MySQL in web applications is to store and manage data. 1.MySQL efficiently processes user information, product catalogs, transaction records and other data. 2. Through SQL query, developers can extract information from the database to generate dynamic content. 3.MySQL works based on the client-server model to ensure acceptable query speed.
Laravel Introduction Example
Apr 18, 2025 pm 12:45 PM
Laravel is a PHP framework for easy building of web applications. It provides a range of powerful features including: Installation: Install the Laravel CLI globally with Composer and create applications in the project directory. Routing: Define the relationship between the URL and the handler in routes/web.php. View: Create a view in resources/views to render the application's interface. Database Integration: Provides out-of-the-box integration with databases such as MySQL and uses migration to create and modify tables. Model and Controller: The model represents the database entity and the controller processes HTTP requests.
How to install mysql in centos7
Apr 14, 2025 pm 08:30 PM
The key to installing MySQL elegantly is to add the official MySQL repository. The specific steps are as follows: Download the MySQL official GPG key to prevent phishing attacks. Add MySQL repository file: rpm -Uvh https://dev.mysql.com/get/mysql80-community-release-el7-3.noarch.rpm Update yum repository cache: yum update installation MySQL: yum install mysql-server startup MySQL service: systemctl start mysqld set up booting
