stackoom
  简体   繁体   中英

Difference between Create User and Grant Privileges in MySQL

 原文  2014-03-07 17:37:40       mysql

Question

I have a question related to passwords:

We can create a user and assign him a password by doing this: 

CREATE USER Bobby IDENTIFIED BY 12345

Then we can also grant him permissions by doing: 

GRANT ALL ON *.* TO Bobby@'localhost' IDENTIFIED BY 'password';

However, when we change the password for that user by doing: 

SET PASSWORD FOR 'Bobby'@'localhost' = PASSWORD('newpassword');

I am able to login with this new password, and also do any kind of queries to the databases. So, is it true that when updating the password, we are actually updating both the one created with CREATE USER Bobby and the one created with GRANT ?

The other part of the question is... If the password used when CREATE is different than the password used when GRANT, it seems that the GRANT password takes priority. So, why would the password in CREATE be useful for?

1 answers

solution1
 1 ACCPTED  2014-03-07 18:40:35

Here's what happens.

With this 

CREATE USER 'Bobby' IDENTIFIED BY '12345';

a user is created. He has no rights but to connect and look at how the server is configured and at some status variables. The same happens when you do this: 

GRANT USAGE ON *.* TO 'Bobby'@'localhost' IDENTIFIED BY '12345';

You don't even need the CREATE USER statement before. The GRANT statement would create the user if it doesn't exist.
Because we specified a password with the GRANT statement, the password gets changed, too. There are no separate passwords or whatever.

When you change your password either via GRANT statement or via SET PASSWORD , you can only login with the new password.

While the privileges are checked for every query, the password isn't! When you don't disconnect, you can still execute all queries you have the rights for, although you connected with the old password.

Edit: I have to correct myself, the privileges are not checked for every query. The user has the rights he had when he connected as long as he is connected. When privileges are revoked from the user, he has to reconnect to really lose the privilege.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Grant privileges to user in MySQL How can I give CREATE USER and GRANT privileges to an user in MySQL? MySQL Grant User Privileges Error Grant privileges to an existing user in MySQL Mysql grant all privileges to user PHP PDO Create MySQL database and user and grant privileges MySQL version 5.6.23 not allowing me to create a new user/grant privileges Mysql stored procedure to create user and grant privileges based on one of parameters Create a user with all privileges but grant MySQL/MariaDB: What is the difference between 'GRANT … IDENTIFIED BY' vs 'CREATE USER' and then 'GRANT'?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM