我有一个 mysql 用户(我将称之为)“user5”,他在“show grants”的输出中只有“grant usage”(即没有特权),但仍然可以对数据库“app_db”进行选择(这就是我想要,但我确实理解它是如何拥有这种特权的)。没有匿名用户。user5 如何通过这种配置使用其数据库?
以 user5 登录时:
mysql> show grants;
+--------------------------------------------------------------------------------------------------------------+
| Grants for user5@10.14.% |
+--------------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'user5'@'10.14.%' IDENTIFIED BY PASSWORD '*long hash' |
+--------------------------------------------------------------------------------------------------------------+
以 root 身份登录时,查看 User 表:
mysql> select User, Host, Select_priv from mysql.user;
+----------+---------------+-------------+
| User | Host | Select_priv |
+----------+---------------+-------------+
| root | localhost | Y |
| root | 127.0.0.1 | Y |
| root | 10.14.12.8 | Y |
| user5 | 10.14.% | N |
| (other named non-root users) |
+----------+---------------+-------------+
...然而,作为 user5,“select * from app_db.users”返回结果。
最有可能的是,您的 user5 具有数据库(即模式)权限,而不是服务器范围的权限。所以看这里。
USE app_db;
SHOW GRANTS FOR user5;
或在数据字典中检查相同:
SELECT *
FROM INFORMATION_SCHEMA.SCHEMA_PRIVILEGES
WHERE GRANTEE LIKE '%user5%';
如果没有,那么也许也检查
SELECT *
FROM INFORMATION_SCHEMA.TABLE_PRIVILEGES
WHERE GRANTEE LIKE '%user5%';