On Wed, Dec 13, 2006 at 12:20:03PM -0800, developer@wexwarez.com wrote:
> grant all privileges on database test to auser
>
> As far as I can tell this does nothing. Intuitively this command suggests
> that the auser would be able to access and modify the database test in
> anyway. It would also suggest that as new tables for the database auser
> would automatically have access to them.
It's not intuitive to me. Just like granting full access to the root of
a filesystem does not grant you access to every file on it. Each
directory and file needs to be done also.
> Instead it appears that we have to still individually grant access to
> tables on an individual basis. It seems to me that if it did pass these
> blanket privileges on it would be very useful and make administration a
> lot easier. While it is not hard to initially grant the individual access
> (i am looking for a script) it is a pain in the butt to maintain. Is this
> in fact how it works?
I beleive the usual approach is you create a role and give permissions
to tables to that role and then for each user that comes along, you
assign that role to the user.
That makes administration easier I think.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.