Bug #20181 | A user who is granted any global priv is able to SHOW DB's | ||
---|---|---|---|
Submitted: | 31 May 2006 22:50 | Modified: | 26 Jun 2006 10:35 |
Reporter: | Erica Moss | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server | Severity: | S1 (Critical) |
Version: | WIN -5.0.21 LIN 5.0.22 | OS: | Windows (win32 - XP SP2, Fedora core 5) |
Assigned to: | Tatiana Azundris Nuernberg | CPU Architecture: | Any |
[31 May 2006 22:50]
Erica Moss
[26 Jun 2006 10:35]
Sergei Golubchik
Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://dev.mysql.com/doc/ and the instructions on how to report a bug at http://bugs.mysql.com/how-to-report.php See http://dev.mysql.com/doc/refman/5.0/en/privileges-provided.html and in particular this paragraph: The SHOW DATABASES privilege allows the account to see database names by issuing the SHOW DATABASE statement. Accounts that do not have this privilege see only databases for which they have some privileges, and cannot use the statement at all if the server was started with the --skip-show-database option. Note that any global privilege is a privilege for the database.