mysql中FILE权限

FILE权限指的是对服务器主机上文件的访问,数据库用户拥有FILE权限才可以执行select into outfile,load data infile操作。

参考文章:http://blog.itpub.net/27126919/viewspace-2125131/

测试select into outfile操作

root用户上执行

mysql> CREATE USER 'filetest'@'localhost' IDENTIFIED BY123456'
FILE权限是对所有数据库文件而言的,因此数据库只能写成*.*,而不是某一个数据库 mysql> grant file on test3.* to 'filetest'@'localhost'; ERROR 1221 (HY000): Incorrect usage of DB GRANT and GLOBAL PRIVILEGES //赋予FILE权限 mysql> grant file on *.* to 'filetest'@'localhost'; Query OK, 0 rows affected (0.00 sec) //赋予select权限 grant select on test3.* to 'filetest'@'localhost'; //刷新信息 flush privileges;

filetest用户上执行

use test3;
mysql> select * from test2 into outfile 'd:/test.txt'
    -> ;
ERROR 1290 (HY000): The MySQL server is running with the --secure-file-priv opti
on so it cannot execute this statement

//即使有了file权限,输出目录路径应该secure_file_priv一致
mysql> show variables like '%sec%'
    -> ;
+--------------------------+----------+
| Variable_name            | Value    |
+--------------------------+----------+
| require_secure_transport | OFF      |
| secure_auth              | ON       |
| secure_file_priv         | e:\test\ |
+--------------------------+----------+
mysql> select * from test2 into outfile 'e:/test/test.txt';
Query OK, 1 row affected (0.01 sec)

测试load data infile操作:

mysql> load data infile 'e:/test/test.txt' into table test2;
ERROR 1142 (42000): INSERT command denied to user 'filetest'@'localhost' for table 'test2'
//需要给filetest赋予insert权限

root用户上执行:
mysql> grant insert on test3.* to 'filetest'@'localhost';
flush privileges;

filetest用户:
//infile的目录也要与secure_file_priv一致
mysql> load data infile 'e:/test/test.txt' into table test2;
Query OK, 1 row affected (0.07 sec)
Records: 1  Deleted: 0  Skipped: 0  Warnings: 0

 

posted @ 2019-03-11 09:33  远去的列车  阅读(8255)  评论(0编辑  收藏  举报