The first thing we need to do is create a new user. You could have your application access MySQL as the root user, but that has serious security risks. There are more ways how you can do this
- Using CREATE USER and/or GRANT commands
- Inserting a new record into the mysql.user table
CREATE USER user [IDENTIFIED BY [PASSWORD] 'password']
Here is an example:
CREATE USER 'user1'@'localhost' IDENTIFIED BY 'pass1';
Now if you check the mysql.user table you can find a new record in it. Notice that all privileges are set to No so this user can do nothing in the DB. To add some privileges we can use the GRANT command as follows:
GRANT SELECT,INSERT,UPDATE,DELETE ON *.* TO 'user1'@'localhost';
Here we have added only the most important privileges to the user. With the setting above this user is good to run a CMS or a blog, however with such settings this user will not able to install them as it cannot create tables. To add all privileges to the user you don't have to list all of them but you can use the ALL shortcut as follows:
GRANT ALL ON *.* TO 'user1'@'localhost';
You can create a new MySQL user in one step as well using again the GRANT command with a small extension as here:
GRANT ALL ON *.* TO 'user2'@'localhost' IDENTIFIED BY 'pass1';
The above examples used dedicated commands, but sometimes you maybe want to add a new MySQL user via directly editing the mysql.user table. In this case you just inserts a new record into the table with a normal INSERT command:
INSERT INTO user (Host,User,Password) VALUES('localhost','user3',PASSWORD('pass3'));
Or you can add some privileges as well in a form like this:
INSERT INTO user (Host,User,Password,Select_priv,Insert_priv)
VALUES('localhost','user4',PASSWORD('pass3'),'Y','Y');
VALUES('localhost','user4',PASSWORD('pass3'),'Y','Y');
No comments:
Post a Comment