MySQL - How the Privilege System Works

MySQL and SQL

(Continued from previous question...)

MySQL - How the Privilege System Works

The MySQL privilege system ensures that all users may do exactly the things that they are supposed to be allowed to do. When you connect to a MySQL server, your identity is determined by the host from which you connect and the user name you specify. The system grants privileges according to your identity and what you want to do.

MySQL considers both your hostname and user name in identifying you because there is little reason to assume that a given user name belongs to the same person everywhere on the Internet. For example, the user bill who connects from whitehouse.gov need not be the same person as the user bill who connects from microsoft.com. MySQL handles this by allowing you to distinguish users on different hosts that happen to have the same name: you can grant bill one set of privileges for connections from whitehouse.gov, and a different set of privileges for connections from microsoft.com.

MySQL access control involves two stages:

Stage 1: The server checks whether or not you are even allowed to connect.
Stage 2: Assuming you can connect, the server checks each request you issue to see whether or not you have sufficient privileges to perform it. For example, if you try to select rows from a table in a database or drop a table from the database, the server makes sure you have the select privilege for the table or the drop privilege for the database. The server uses the user, db, and host tables in the mysql database at both stages of access control. The fields in these grant tables are shown below:

Table name user db host
Scope fields Host Host Host
User Db Db
Password User
Privilege fields Select_priv Select_priv Select_priv
Insert_priv Insert_priv Insert_priv
Update_priv Update_priv Update_priv
Delete_priv Delete_priv Delete_priv
Index_priv Index_priv Index_priv
Alter_priv Alter_priv Alter_priv
Create_priv Create_priv Create_priv
Drop_priv Drop_priv Drop_priv
Grant_priv Grant_priv Grant_priv
References_priv
Reload_priv
Shutdown_priv
Process_priv
File_priv

For the second stage of access control (request verification), the server may, if the request involves tables, additionally consult the tables_priv and columns_priv tables. The fields in these tables are shown below:

Table name tables_priv columns_priv
Scope fields Host Host
Db Db
User User
Table_name Table_name
Column_name
Privilege fields Table_priv Column_priv
Column_priv
Other fields Timestamp Timestamp
Grantor

Each grant table contains scope fields and privilege fields.

Scope fields determine the scope of each entry in the tables, that is, the context in which the entry applies. For example, a user table entry with Host and User values of 'thomas.loc.gov' and 'bob' would be used for authenticating connections made to the server by bob from the host thomas.loc.gov. Similarly, a db table entry with Host, User, and Db fields of 'thomas.loc.gov', 'bob' and 'reports' would be used when bob connects from the host thomas.loc.gov to access the reports database. The tables_priv and columns_priv tables contain scope fields indicating tables or table/column combinations to which each entry applies.

For access-checking purposes, comparisons of Host values are case insensitive. User, Password, Db, and Table_name values are case sensitive. Column_name values are case insensitive in MySQL Version 3.22.12 or later.

Privilege fields indicate the privileges granted by a table entry, that is, what operations can be performed. The server combines the information in the various grant tables to form a complete description of a user's privileges.

Scope fields are strings, declared as shown below; the default value for each is the empty string:

Field name Type
Host CHAR(60)
User CHAR(16)
Password CHAR(16)
Db CHAR(64) (CHAR(60) for the tables_priv and columns_priv tables)
Table_name CHAR(60)
Column_name CHAR(60)

In the user, db and host tables, all privilege fields are declared as ENUM('N','Y') -- each can have a value of 'N' or 'Y', and the default value is 'N'.

In the tables_priv and columns_priv tables, the privilege fields are declared as SET fields:

Table name Field name Possible set elements
tables_priv Table_priv 'Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Grant', 'References', 'Index', 'Alter'
tables_priv Column_priv 'Select', 'Insert', 'Update', 'References'
columns_priv Column_priv 'Select', 'Insert', 'Update', 'References'

Briefly, the server uses the grant tables like this:

The user table scope fields determine whether to allow or reject incoming connections. For allowed connections, any privileges granted in the user table indicate the user's global (superuser) privileges. These privileges apply to all databases on the server.
The db and host tables are used together:
The db table scope fields determine which users can access which databases from which hosts. The privilege fields determine which operations are allowed.
The host table is used as an extension of the db table when you want a given db table entry to apply to several hosts. For example, if you want a user to be able to use a database from several hosts in your network, leave the Host value empty in the user's db table entry, then populate the host table with an entry for each of those hosts.

The tables_priv and columns_priv tables are similar to the db table, but are more fine-grained: they apply at the table and column levels rather than at the database level.
Note that administrative privileges (reload, shutdown, etc.) are specified only in the user table. This is because administrative operations are operations on the server itself and are not database-specific, so there is no reason to list such privileges in the other grant tables. In fact, only the user table need be consulted to determine whether or not you can perform an administrative operation.

The file privilege is specified only in the user table, too. It is not an administrative privilege as such, but your ability to read or write files on the server host is independent of the database you are accessing.

When you modify the contents of the grant tables, it is a good idea to make sure that your changes set up privileges the way you want.

A useful diagnostic tool is the mysqlaccess script, which Yves Carlier has provided for the MySQL distribution. Invoke mysqlaccess with the --help option to find out how it works. Note that mysqlaccess checks access using only the user, db and host tables. It does not check table- or column-level privileges.

(Continued on next question...)

Other Interview Questions

• What's MySQL
• What is DDL, DML and DCL?
• How do you get the number of rows affected by query?
• If the value in the column is repeatable, how do you find out the unique values?
• How do you return the a hundred books starting from 25th?
• You wrote a search engine that should retrieve 10 results at a time, but at the same time you’d like to know how many rows there’re total. How do you display that to the user?
• How would you write a query to select all teams that won either 2, 4, 6 or 8 games?
• How would you select all the users, whose phone number is null?
• What does this query mean: SELECT user_name, user_isp FROM users LEFT JOIN isps USING (user_id)
• How do you find out which auto increment was assigned on the last insert?
• What does –i-am-a-dummy flag to do when starting MySQL?
• On executing the DELETE statement I keep getting the error about foreign key constraint failing. What do I do?
• When would you use ORDER BY in DELETE statement?
• How can you see all indexes defined for a table?
• How would you change a column from VARCHAR(10) to VARCHAR(50)?
• How would you delete a column?
• How would you change a table to InnoDB?
• When you create a table, and then run SHOW CREATE TABLE on it, you occasionally get different results than what you typed in. What does MySQL modify in your newly created tables?
• How do I find out all databases starting with ‘tech’ to which I have access to?
• How do you concatenate strings in MySQL?
• How do you get a portion of a string?
• What’s the difference between CHAR_LENGTH and LENGTH?
• How do you convert a string to UTF-8?
• What do % and _ mean inside LIKE statement?
• What does + mean in REGEXP?
• How do you get the month from a timestamp?
• How do you offload the time/date handling to MySQL?
• How do you add three minutes to a date?
• What’s the difference between Unix timestamps and MySQL timestamps?
• How do you convert between Unix timestamps and MySQL timestamps?
• What are ENUMs used for in MySQL?
• How are ENUMs and SETs represented internally?
• How do you start and stop MySQL on Windows?
• How do you start MySQL on Linux?
• Explain the difference between mysql and mysqli interfaces in PHP?
• What’s the default port for MySQL Server?
• What does tee command do in MySQL?
• Can you save your connection settings to a conf file?
• How do you change a password for an existing user via mysqladmin?
• Use mysqldump to create a copy of the database?
• Have you ever used MySQL Administrator and MySQL Query Browser?
• What are some good ideas regarding user security in MySQL?
• Explain the difference between MyISAM Static and MyISAM Dynamic.
• What does myisamchk do?
• Explain advantages of InnoDB over MyISAM?
• Explain advantages of MyISAM over InnoDB?
• What are HEAP tables in MySQL?
• How do you control the max size of a HEAP table?
• What are CSV tables?
• Explain federated tables.
• What is SERIAL data type in MySQL?
• What happens when the column is set to AUTO INCREMENT and you reach the maximum value for that table?
• Explain the difference between BOOL, TINYINT and BIT.
• Explain the difference between FLOAT, DOUBLE and REAL.
• If you specify the data type as DECIMAL (5,2), what’s the range of values that can go in this table?
• What happens if a table has one column defined as TIMESTAMP?
• But what if you really want to store the timestamp data, such as the publication date of the article?
• Explain data type TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP
• What does TIMESTAMP ON UPDATE CURRENT_TIMESTAMP data type do?
• Explain TIMESTAMP DEFAULT ‘2006:09:02 17:38:44? ON UPDATE CURRENT_TIMESTAMP.
• If I created a column with data type VARCHAR(3), what would I expect to see in MySQL table?
• General Information About MySQL
• The Main Features of MySQL
• Database Basics
• MySQL Command Interpreter
• Installing a MySQL Binary Distribution
• MySQL - Quick Installation Overview
• MySQL - MySQL Extensions to ANSI SQL92
• MySQL - Running MySQL in ANSI Mode
• Functionality Missing from MySQL - Sub-selects
• Functionality Missing from MySQL - SELECT INTO TABLE
• Functionality Missing from MySQL - Transactions
• Functionality Missing from MySQL - Stored Procedures and Triggers
• Functionality Missing from MySQL - Foreign Keys
• MySQL - Reasons NOT to Use Foreign Keys constraints
• Functionality Missing from MySQL - `--' as the Start of a Comment
• Functionality Missing from MySQL - How to Cope Without COMMIT/ROLLBACK
• MySQL - General Security
• How to Make MySQL Secure Against Crackers
• MySQL - Startup options to mysqld which concerns security
• MySQL - What the Privilege System Does
• MySQL - User Names and Passwords
• How to connecting to the MySQL Server
• MySQL - Keeping Your Password Secure
• Privileges Provided by MySQL
• MySQL - How the Privilege System Works
• MySQL - Access Control, Stage 1: Connection Verification
• MySQL - Access Control
• MySQL - When Privilege Changes Take Effect
• Setting Up the Initial MySQL Privileges
• Adding New User Privileges to MySQL
• MySQL - Setting Up Passwords
• MySQL - Causes of Access denied Errors
• Replication in MySQL
• MySQL - Replication Implementation Overview
• MySQL - how to set up complete replication on your current MySQL server
• MySQL - Replication Features and known problems
• MySQL - SQL Commands Related to Replication
• MySQL - Why do I sometimes see more than one Binlog_Dump thread on the master after I have restarted the slave?
• MySQL - How do I rotate replication logs?
• MySQL - How do I upgrade on a hot replication setup?
• MySQL - What issues should I be aware of when setting up two-way replication?
• MySQL - How can I use replication to improve performance of my system?
• MySQL - What should I do to prepare my client code to use performance-enhancing replication?
• MySQL - When and how much can MySQL replication improve the performance of my system?
• MySQL - How can I use replication to provide redundancy/high availability?
• MySQL - Troubleshooting Replication
• How to get Maximum Performance from MySQL
• MySQL - Optimization Overview
• MySQL - System/Compile Time and Startup Parameter Tuning
• MySQL - Disk Issues
• MySQL - Using Symbolic Links for Databases and Tables
• MySQL - Tuning Server Parameters
• How MySQL Opens and Closes Tables
• MySQL - Drawbacks to Creating Large Numbers of Tables in the Same Database
• MySQL - Why So Many Open tables?
• How MySQL Uses Memory
• How MySQL Locks Tables
• MySQL - Table Locking Issues
• How MySQL uses DNS
• MySQL - Get Your Data as Small as Possible
• How MySQL Uses Indexes
• MySQL - Speed of Queries that Access or Update Data
• MySQL - Estimating Query Performance
• MySQL - Speed of SELECT Queries
• How MySQL Optimizes WHERE Clauses
• How MySQL Optimizes DISTINCT
• How MySQL Optimizes LEFT JOIN and RIGHT JOIN
• How MySQL Optimizes LIMIT
• MySQL - Speed of INSERT Queries
• MySQL - Speed of UPDATE Queries
• MySQL - Speed of DELETE Queries
• MySQL - Other Optimization Tips
• MySQL - Using Your Own Benchmarks
• How MySQL Stores Its Row Data and Index Data?
• MySQL is Portability
• What Have We Used MySQL For?
• What is the difference between mysql_fetch_array and mysql_fetch_object?
• What are the different table present in MYsql?