[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] raq4 mysql
- Subject: Re: [cobalt-users] raq4 mysql
- From: "Nico Meijer" <nico.meijer@xxxxxxxxx>
- Date: Wed Feb 21 10:58:04 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
Hi,
> This sounds so simple but I'm so stuck! I've managed to install PHPMyAdmin
> successfully on my RAQ4 and can log in as root. I know how to create a
> database within PHPMyAdmin, but how do you create a user with privilages
> just to that users database? What is the command/syntax? I'm concerned
about
> security, etc.
Using phpMyAdmin this should turn out to be a breeze. Here's the procedure I
follow:
- insert new row into mysql.user
- fill in the host field: % for any host, localhost for (guess what?)
localhost or an IP address (don't know if hostname will work), leaving
'Function' blank. If at all possible, fill in localhost. To me, giving users
network access to a database is like giving them shell access: don't do it
unless it's absolutely, positively necessary. My opinion.
- fill in desired user name in the User field, leaving 'Function' blank
again
- fill in desired password in the Password field, this time choosing
PASSWORD in the Function field
- leave all other fields to what they are: N(o). For example, choosing Y(es)
for Select_priv will give the new user serverwide select priviledges,
whereas you only want the user to be able to do a select on his/her own
database. Believe me, I've made the mistake...
- save your changes, no harm done yet
- insert new row into mysql.db
- again, fill in the host field
- fill in your user's database
- fill in your user's username
- grant the user his/her rights carefully. The grants only apply to the
specific database, but if a drop priviledge can be avoided: do so. You are
the one who is going to have to restore his/her database for him/her when
you get that Monday morning call.
- save your changes, no harm done yet
- reload the MySQL database server by either using phpMyAdmin (Home -->
Reload MySQL) or if that fails using '[path]/mysqladmin -u root -p reload'.
The harm is now officially done.
You can use your newly created username and password to set up a version of
phpMyAdmin is his/her own webspace.
I hope this works for you. I am not guaranteeing this is the ultimate
method, but it's a way I learned to do it to the best of my (current)
knowledge. If anybody sees a security hazard in my way of working: do say
so!
Do read the MySQL docs at http://www.mysql.com and visit DevShed at
http://www.devshed.com, they have easy to use and comprehend tutorials,
http://www.devshed.com/Server_Side/MySQL/Administration/ being the first you
should read. :-)
Best of luck,
Nico Meijer
(yes, new to the list)
BTW - I am in no way whatsoever affiliated with either MySQL or DevShed. ;-)