Description:

MySQL allows two ways to specify the GRANT OPTION privilege:

(a)  GRANT something,GRANT OPTION ON object TO user

or 

(b)  GRANT something ON object TO user WITH GRANT OPTION

According to SQL_YACC.CC, the two situations are processed in exactly the same way (and with the one-bit-per-permission logic implemented in mySQL there is hardly any other way to handle them).

However, in other DBMSes the GRANT OPTION can work differently. For example, in MS SQL Server you can write:

  GRANT INSERT, UPDATE ON ... TO user WITH GRANT OPTION;
  GRANT DELETE ON ... TO user ; -- without G.O.

Here the G.O. will be applied specifically to the individual permissions, so the user would be able to further grant INSERT, UPDATE, but not DELETE.  That is what the WITH GRANT OPTION syntax implies.

For MySQL, the syntax (a) above (G.O. in the list of other permissions) looks more suitable and is less likely to cause confusion.

How to repeat:

see above

Suggested fix:

In the documentation, clearly state that the situations (a) and (b) above are identical, that syntax (a) is preferrable whereas WITH GRANT OPTION is mostly for compatibility purpose and doesn't work on individual permissions, as the syntax seems to suggest.

May be it would make sense to issue a warning on the WITH GRANT OPTION use.

[Correction: the file mentioned in the report should be, obviously, SQL_YACC.YY, not SQL_YACC.CC]

Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://dev.mysql.com/doc/ and the instructions on
how to report a bug at http://bugs.mysql.com/how-to-report.php

Please read what GRAN OPTION does in MySQL at http://dev.mysql.com/doc/refman/5.0/en/grant.html