Bug #62390 "grant select on <schema>.* to ''" requires "flush privileges"
Submitted: 8 Sep 2011 19:34 Modified: 20 Sep 2011 19:46
Reporter: Vyacheslav Brover Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Security: Privileges Severity:S3 (Non-critical)
Version:5.5.15-log, 5.1.60, 5.6.4 OS:Any
Assigned to: CPU Architecture:Any
Tags: anonymous user, flush privileges, grant
Triage: Needs Triage: D2 (Serious)

[8 Sep 2011 19:34] Vyacheslav Brover
Description:
"grant select on <schema>.* to ''" requires "flush privileges" to take effect for other clients.

How to repeat:
Open MySQL clients for users A and B.
User B has no administrative privileges.

Do on client A:
  create schema test1;
  create table test1.TAB (N int);
  grant select on test1.* to '';

Client B does not see schema "test1".
Client B is expected to see the schema "test1" because Section 5.4.6. "When Privilege Changes Take Effect" of MySQL 5.5 Reference Manual says: "If you modify the grant tables indirectly using account-management statements such as GRANT, REVOKE, SET PASSWORD, or RENAME USER, the server notices these changes and loads the grant tables into memory again immediately."

Do on client A:
  flush privileges;

Client B sees schema "test1".
[20 Sep 2011 19:46] Sveta Smirnova
Thank you for the report.

Verified as described.