Bug #16692 | Allow deny in privileges | ||
---|---|---|---|
Submitted: | 21 Jan 2006 1:12 | Modified: | 9 May 2018 10:12 |
Reporter: | Michael Caldwell | Email Updates: | |
Status: | Verified | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S4 (Feature request) |
Version: | 5.0.16 | OS: | Windows (Windows) |
Assigned to: | CPU Architecture: | Any |
[21 Jan 2006 1:12]
Michael Caldwell
[21 Mar 2008 20:21]
William Finn
I would like to second this request. I am right now trying to write a script to publish an application. The old database needs to become read-only. I would love to be able to do this by just running something similar to REVOKE INSERT,UPDATE,DELETE ON old_db.* FROM *.*; Instead of having to hunt through each grant table to ensure nobody but root has those privs. Could have a runtime option to swap the allow,deny order similar to Apache. and/or Have additional 'revoke' tables that limit access instead of granting.
[31 Jan 2023 6:32]
MySQL Verification Team
William, Try --partial-revokes=ON option. https://dev.mysql.com/doc/refman/8.0/en/partial-revokes.html I'd like it to work for individual tables/columns but it doesn't.