Bug #81621 GRANT privileges on db vs db table - Wildcard characters in db name - Escaping
Submitted: 27 May 2016 0:50 Modified: 2 Jun 2016 12:06
Reporter: Laurent Declercq Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Security: Privileges Severity:S3 (Non-critical)
Version:5.7, 5.7.12 OS:Debian
Assigned to: CPU Architecture:Any

[27 May 2016 0:50] Laurent Declercq
Description:
The wrong behavior explained here is still not fixed: http://bugs.mysql.com/bug.php?id=18660&thanks=3&notify=215

The bug report has been closed for unknown reasons. The current behavior, even with MySQL 5.7 is really inconsistent.

To resume:

- Escaping wildcard character in database name (such as underscore) when granting privileges on database (GRANT select ON `imscp\_system`.* TO ...) is ok.

- Escaping wildcard character in database name (such as underscore) when granting privileges on database table (GRANT select ON `imscp\_system`.`ftp_users` TO ...) is not ok. Here we get an 'unknown table' error.

Such behavior lead to confusions. You should at least fix that issue by doc. 

How to repeat:
Try to grant privileges on a database table where database name contains a wildcard character such as undersore. Then, escape it in the grant command. For instance:

GRANT select ON `database\_name`.`table_name` TO 'user'@'host';

Suggested fix:
Should be at least fixed by documentation.
[2 Jun 2016 12:06] Umesh Shastry
Hello Laurent,

Thank you for the report and feedback!

Thanks,
Umesh