Bug #14919 | dont escapes wildcards in `mysql`.`db`.`Db` | ||
---|---|---|---|
Submitted: | 14 Nov 2005 11:10 | Modified: | 1 Aug 2006 13:20 |
Reporter: | Sebastian Mendel (Basic Quality Contributor) | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Administrator | Severity: | S2 (Serious) |
Version: | 1.1.4 | OS: | Windows (Windows XP SP2) |
Assigned to: | Vladimir Kolesnikov | CPU Architecture: | Any |
Tags: | User Management |
[14 Nov 2005 11:10]
Sebastian Mendel
[16 Nov 2005 18:50]
Valeriy Kravchuk
Thank you for a problem report. MySQL Administrator works just as you described. But mysql command line client works the same way: C:\Documents and Settings\openxs>mysql -uroot -p -P3307 Enter password: **** Welcome to the MySQL monitor. Commands end with ; or \g. Your MySQL connection id is 1 to server version: 5.0.15-nt Type 'help;' or '\h' for help. Type '\c' to clear the buffer. mysql> create database test_test; Query OK, 1 row affected (0.01 sec) mysql> grant all on `test_test`.* to user11 identified by 'user11'; Query OK, 0 rows affected (0.04 sec) mysql> select user, Db from mysql.db where user like 'user1%'; +--------+-----------+ | user | Db | +--------+-----------+ | user1 | test | | user11 | test_test | | user12 | test_test | <-- this user was granted all on test_test in Admin. +--------+-----------+ 3 rows in set (0.00 sec) The manual clearly states (http://dev.mysql.com/doc/refman/5.0/en/request-access.html): "The wildcard characters ‘%’ and ‘_’ can be used in the Host and Db columns of either table. These have the same meaning as for pattern-matching operations performed with the LIKE operator. If you want to use either character literally when granting privileges, you must escape it with a backslash. For example, to include the underscore character (‘_’) as part of a database name, specify it as ‘\_’ in the GRANT statement." Neither me not escaped _, nor MySQL Administrator did it by default. May be, it is a feature request, but I am not sure that it is a bug. What do you think?
[16 Nov 2005 22:07]
Sebastian Mendel
i think it's bug! as the manual says i have to escape % and _ if this are not wildcards, so this is clearly that i have to do this in the command line client but the MySQL Administrator doesnt give me a choice, it shows me the databases and says i can edit the rights for THIS databases, but in fact i do edit the rights for the wildcard, and if right click it clearly says 'Add Schema with wildcards' what lets me more expect that the list does not contain wildcards
[16 Nov 2005 22:09]
Sebastian Mendel
the administrator should initialy display the schemas escaped, and of course not silently escape them
[17 Nov 2005 17:33]
Valeriy Kravchuk
OK. I agree with you. Let's GUI tools developers decide is it something to change (as we agreed now), or at least to document in the prominent place as a current limitation of the MySQL Administrator.