默认情况下,mysql.db表中包含的行表示任意用户可以访问test数据库和test_开头的数据库。这些行的User字段的值为空,表示匹配任意用户。这意味着这些数据库(test数据库和test_开头的数据库)默认可以被任意用户使用(即使没有权限的用户)。
mysql> select * from mysql.db\G
*************************** 1. row ***************************
Host: %
Db: test
User:
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: N
Execute_priv: N
Event_priv: Y
Trigger_priv: Y
*************************** 2. row ***************************
Host: %
Db: test\_%
User:
Select_priv: Y
Insert_priv: Y
Update_priv: Y
Delete_priv: Y
Create_priv: Y
Drop_priv: Y
Grant_priv: N
References_priv: Y
Index_priv: Y
Alter_priv: Y
Create_tmp_table_priv: Y
Lock_tables_priv: Y
Create_view_priv: Y
Show_view_priv: Y
Create_routine_priv: Y
Alter_routine_priv: N
Execute_priv: N
Event_priv: Y
Trigger_priv: Y
2 rows in set (0.00 sec)
可以看到,任意用户对test数据库和test_开头的数据库都拥有很大的权限(上述为Y的权限)
#创建一个只读账号
mysql> grant select on yujx.t to 'select'@'localhost' identified by 'select';
Query OK, 0 rows affected (0.00 sec)
mysql> flush privileges;
Query OK, 0 rows affected (0.00 sec)
#使用只读用户连接mysql
mysql> select user();
+------------------+
| user() |
+------------------+
| select@localhost |
+------------------+
1 row in set (0.00 sec)
mysql> show grants for 'select'@'localhost';
+---------------------------------------------------------------------------------------------------------
| Grants for select@localhost |
+---------------------------------------------------------------------------------------------------------
| GRANT USAGE ON *.* TO 'select'@'localhost' IDENTIFIED BY PASSWORD '*852200EDF18814F8BFC1F1DC816AAC4152D8262E'
| GRANT SELECT ON `yujx`.`t` TO 'select'@'localhost' |
+-------------------------------------------------------------------------------------------------
2 rows in set (0.00 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test |
| test_a |
| yujx |
+--------------------+
4 rows in set (0.00 sec)
mysql> use test;
Database changed
#可以创建表
mysql> create table t(x int);
Query OK, 0 rows affected (0.01 sec)
#可以insert表
mysql> insert into t select 1;
Query OK, 1 row affected (0.00 sec)
Records: 1 Duplicates: 0 Warnings: 0
#可以drop database
mysql> drop database test;
Query OK, 1 row affected (0.01 sec)
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| test_a |
| yujx |
+--------------------+
3 rows in set (0.00 sec)
mysql> use test_a
Database changed
mysql> create table a ( x int);
Query OK, 0 rows affected (0.01 sec)
mysql> show tables;
+------------------+
| Tables_in_test_a |
+------------------+
| a |
+------------------+
1 row in set (0.00 sec)
mysql> drop table a;
Query OK, 0 rows affected (0.01 sec)
mysql> drop database test_a;
Query OK, 0 rows affected (0.00 sec)
#只要是dbname以test开头的都能创建成功
mysql> create database test;
Query OK, 1 row affected (0.00 sec)
mysql> create database test_a;
Query OK, 1 row affected (0.00 sec)
mysql> create database test_b;
Query OK, 1 row affected (0.00 sec)
mysql> create database a;
ERROR 1044 (42000): Access denied for user 'select'@'localhost' to database 'a'
如果你不想让拥有任意权限(哪怕仅仅只读权限)的用户能任意操作test数据库或者以test_开头命名的数据库,可以delete其mysql.db表中test相关的行,如下:
shell> mysql -u root -p
Enter password: (enter root password here)
mysql> DELETE FROM mysql.db WHERE Db LIKE 'test%';
mysql> FLUSH PRIVILEGES;
#如下,已经无法任意操作test相关数据库
mysql> select user();
+------------------+
| user() |
+------------------+
| select@localhost |
+------------------+
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| yujx |
+--------------------+
2 rows in set (0.00 sec)
mysql> create database test;
ERROR 1044 (42000): Access denied for user 'select'@'localhost' to database 'test'
mysql> create database test_a;
ERROR 1044 (42000): Access denied for user 'select'@'localhost' to database 'test_a'
至此,可以看到默认情况下,初始化的mysql环境中mysql.db表默认包含的2行test数据库相关的配置,导致任意用户可以随意操作test或者test_开头的数据库,如果你想避免此问题,可以直接drop test数据库。
关于此现象,大家可能需要注意的问题:
1、正式环境千万别使用test数据库或者创建test_开头的数据库来存储业务数据
2、对用户的权限进行测试、验证的时候,千万别去test数据库,这可能误导你
3、如果想彻底避免以上问题,可以将mysql.db中test相关的数据delete掉,参考上文
参考链接:
https://dev.mysql.com/doc/refman/5.6/en/default-privileges.html
免责声明:本站发布的内容(图片、视频和文字)以原创、转载和分享为主,文章观点不代表本网站立场,如果涉及侵权请联系站长邮箱:is@yisu.com进行举报,并提供相关证据,一经查实,将立刻删除涉嫌侵权内容。