Bug #52388 | Create database with "?" without privileges | ||
---|---|---|---|
Submitted: | 26 Mar 2010 10:15 | Modified: | 26 Mar 2010 10:25 |
Reporter: | Pavel Ondrej | Email Updates: | |
Status: | Not a Bug | Impact on me: | |
Category: | MySQL Server: Security: Privileges | Severity: | S1 (Critical) |
Version: | 5.1.35 and lower | OS: | Any |
Assigned to: | CPU Architecture: | Any | |
Tags: | create, privileges |
[26 Mar 2010 10:15]
Pavel Ondrej
[26 Mar 2010 10:25]
Sveta Smirnova
Thank you for taking the time to write to us, but this is not a bug. Please double-check the documentation available at http://dev.mysql.com/doc/ and the instructions on how to report a bug at http://bugs.mysql.com/how-to-report.php Please read at http://dev.mysql.com/doc/refman/5.1/en/grant.html: "Note: the ‘_’ and ‘%’ wildcards are allowed when specifying database names in GRANT statements that grant privileges at the global or database levels. This means, for example, that if you want to use a ‘_’ character as part of a database name, you should specify it as ‘\_’ in the GRANT statement, to prevent the user from being able to access additional databases matching the wildcard pattern; for example, GRANT ... ON `foo\_bar`.* TO ...."