MySQL 权限管理的注意事项
㈠ 认证和授权 认证:who am I ? 授权:what I can do ? 认证实际上就是一个验证凭证的过程、而进入MySQL 需要出示的凭证有:
㈠ 认证和授权
认证:who am I ?
授权:what I can do ?
认证实际上就是一个验证凭证的过程、而进入MySQL 需要出示的凭证有:host、username、password
连接MySQL 常见有 2 种:
① TCP/IP 连接
加 -h 参数、通过TCP/IP 连接MySQL 实例、mysql.user 对来者进行认证
② Socket
-S 参数 、只能在 MySQL 客户端和实例在同一台服务器上使用
㈡ 缺省有 2 个高危险用户:
㈢ % 不是万能的、至少无法替代 localhost、而 MySQL 默认却是以 localhost登陆
mysql> grant all on *.* to 'david'@'%' identified by 'Oracle';
Query OK, 0 rows affected (0.05 sec)
[mysql@odd ~]$ mysql -udavid -poracle
ERROR 1045 (28000): Access denied for user 'david'@'localhost' (using password: YES)
[mysql@odd ~]$ mysql -udavid -poracle -h 127.0.0.1
ERROR 1045 (28000): Access denied for user 'david'@'localhost' (using password: YES)
mysql> grant all on *.* to 'david'@'localhost' identified by 'oracle';
Query OK, 0 rows affected (0.01 sec)
[mysql@odd ~]$ mysql -udavid -poracle
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 5.5.16-log Source distribution
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
,