Bug #25871 | Creation of new databases without create-privilege with "create if not exist" | ||
---|---|---|---|
Submitted: | 26 Jan 2007 15:31 | Modified: | 26 Jan 2007 16:50 |
Reporter: | Ronny Biering | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S2 (Serious) |
Version: | 4.0.x; 4.1x; 5.x | OS: | Linux (Linux 32 Bit RedHat) |
Assigned to: | CPU Architecture: | Any |
[26 Jan 2007 15:31]
Ronny Biering
[26 Jan 2007 16:50]
Valeriy Kravchuk
Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://dev.mysql.com/doc/, namely http://dev.mysql.com/doc/refman/5.0/en/grant.html: "Note: the ‘_’ and ‘%’ wildcards are allowed when specifying database names in GRANT statements that grant privileges at the global or database levels. This means, for example, that if you want to use a ‘_’ character as part of a database name, you should specify it as ‘\_’ in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern; for example, GRANT ... ON `foo\_bar`.* TO ...."