Bug #6587 Error message of SHOW GRANTS FOR ... misleading
Submitted: 12 Nov 2004 8:36 Modified: 9 Feb 2006 11:13
Reporter: Andrey Hristov Email Updates:
Status: Verified Impact on me:
Category:MySQL Server: Security: Privileges Severity:S4 (Feature request)
Version: OS:Any
Assigned to: CPU Architecture:Any

[12 Nov 2004 8:36] Andrey Hristov
I think that the error message of SHOW GRANTS FOR xyz 
when xyz is not existing user is kind of misleading. It should probably say that the user does not exist. Up to my knowledge (what I did check) is that the message is the same since 3.23.x series.


How to repeat:
mysql> select version();
| version()             |
| 5.0.2-alpha-debug-log |
1 row in set (0.01 sec)

mysql> show grants for asia@localhost;
ERROR 1141 (42000): There is no such grant defined for user 'asia' on host 'localhost'
[22 Nov 2004 5:42] Matthew Lord

I just wanted to let you know that this will likely change very soon as the new create user, 
rename user and drop user functions are nearing completion.  If they are not in the official 5.2 
release they should be in 5.3.  I will make a note with the worklog to change this error as well.

Best Regards
[9 Feb 2006 11:13] Valeriy Kravchuk
Thank you for a reasonable feature request. The message is still the same for 5.0.19-BK:

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3 to server version: 5.0.19

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show grants for vk@localhost;
ERROR 1141 (42000): There is no such grant defined for user 'vk' on host 'localhost'

Although, not absolutely sure that it should be changed, as giving away exact information that user does not exist is not good from security point of view. Compare to login in Linux...