Databases Reference
In-Depth Information
+-----------+-------+------+------------+----------------+...
... +---------------------+------------+-------------+
... | Timestamp | Table_priv | Column_priv |
... +---------------------+------------+-------------+
... | 2006-08-21 10:03:18 | Index | |
... | 2006-08-21 10:12:36 | | Update |
... +---------------------+------------+-------------+
2 rows in set (0.25 sec)
You can see that that the Update privilege is now available on at least one of the columns
of the album table, but the tables_priv table doesn't show which column or columns.
The columns_priv Table
The columns_priv table lists which privileges are available for which columns. It's only
accessed if the tables_priv table says that a privilege is available for one or more col-
umns in a table and that privilege isn't already available at the table level. We've granted
UPDATE to 'bob'@'localhost' for the album_name column in the album table. Here's what's
stored:
mysql> SELECT * FROM columns_priv WHERE User = 'bob';
+-----------+-------+------+------------+-------------+...
| Host | Db | User | Table_name | Column_name |...
+-----------+-------+------+------------+-------------+...
| localhost | music | bob | album | album_name |...
+-----------+-------+------+------------+-------------+...
... +---------------------+-------------+
... | Timestamp | Column_priv |
... +---------------------+-------------+
... | 2006-08-21 10:12:36 | Update |
... +---------------------+-------------+
1 row in set (0.07 sec)
The table structure is much the same as tables_priv , except that it includes the Col
umn_name but no table privileges.
The host Table
The remaining privilege table is host . This table isn't modified or accessed by the
GRANT and REVOKE statements. Therefore, it can be maintained only by SQL queries, and
so remains unused in most MySQL installations. Indeed, you can skip this advanced
section if you want.
The server verifies that users have authorization to perform an operation by checking
the global privileges listed for them in the user table. If they don't have the required
privilege for all databases, then the server checks the db table to see whether they have
that privilege for the active database. If the Host field in the db table is blank, the user's
privileges for the database vary depending on the host they're connecting from. These
privileges are stored in the host table and are verified against the global settings in the
db table to determine the privileges for a database when it's accessed from a client or
 
Previous Page
Next Page
Learning MySQL
Search WWH ::




Custom Search
Home