MYSQL权限回收
给予最小权限
grant select,insert,update,delete,create,LOCK TABLES,Trigger,EXECUTE on vtdc.employee to joe@10.163.225.87 identified by '123';
FLUSH PRIVILEGES
查看全部用户:select * from mysql. user \G。
查看权限。
mysql> show grants for 'lifeq_test'@'%'; +-----------------------------------------------------------------------------------------------------------+
| Grants for lifeq_test@% |
+-----------------------------------------------------------------------------------------------------------+
| GRANT USAGE ON *.* TO 'lifeq_test'@'%' IDENTIFIED BY PASSWORD '*E8D04393933593438F92BD1FD688B4418D932D98' |
| GRANT SELECT, INSERT, UPDATE, DELETE, CREATE ON `lifeq`.* TO 'lifeq_test'@'%' WITH GRANT OPTION |
+-----------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
回收权限
REVOKE DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT ON lifeq.* FROM 'lifeq_test'@'%';
*.* 库的权限回收
REVOKE DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, RELOAD, SHUTDOWN, PROCESS, FILE, SHOW DATABASES, SUPER, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER, CREATE TABLESPACE ON lifeq.* FROM 'lifeq_test'@'%';
创建伪最高权限账号:
grant select,insert,update,delete,create,drop,LOCK TABLES,Trigger,EXECUTE,DROP, REFERENCES, INDEX, ALTER, CREATE TEMPORARY TABLES, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT on *.* to xm@ identified by 'Byz';
创建最高权限账号:等于 all privileges 全部权限
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, RELOAD, SHUTDOWN, PROCESS, FILE, REFERENCES, INDEX, ALTER, SHOW DATABASES, SUPER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, REPLICATION SLAVE, REPLICATION CLIENT, CREATE VIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, CREATE USER, EVENT, TRIGGER ON *.* TO 'root'@'localhost' IDENTIFIED BY PASSWORD '*9A236654D1142CDD0B17FDDB6074E39EAE041781'