Introducing the MySQL Privilege System

The MySQL privilege system is always "on." The first time you try to connect and for each subsequent action, MySQL checks the following three things:

  • Where you are accessing from (your host)

  • Who you say you are (your username and password)

  • What you're allowed to do (your command privileges)

All this information is stored in the database called mysql, which is automatically created when MySQL is installed. There are several tables in the mysql database:

  • columns_priv? Defines user privileges for specific fields within a table.

  • db? Defines the permissions for all databases on the server.

  • func? Defines user-created functions.

  • host? Defines the acceptable hosts that can connect to a specific database.

  • tables_priv? Defines user privileges for specific tables within a database.

  • user? Defines the command privileges for a specific user.

These tables will become more important to you later in this hour as you add a few sample users to MySQL. For now, just remember that these tables exist and must have relevant data in them in order for users to complete actions.

The Two-Step Authentication Process

As you've learned, MySQL checks three things during the authentication process. The actions associated with these three things are performed in two steps:

  1. MySQL looks at the host you are connecting from and the username and password pair that you are using. If your host is allowed to connect, your password is correct for your username, and the username matches one assigned to the host, MySQL moves to the second step.

  2. For whichever SQL command you are attempting to use, MySQL verifies that you have the ability to perform that action for that database, table, and field.

If step 1 fails, you'll see an error about it and you won't be able to continue on to step 2. For example, suppose you are connecting to MySQL with a username of joe and a password of abc123 and you want to access a database called myDB. You will receive an error message if any of those connection variables are incorrect for any of the following reasons:

  • Your password is incorrect.

  • Username joe doesn't exist.

  • User joe can't connect from localhost.

  • User joe can connect from localhost but cannot use the myDB database.

You may see an error like the following:

#> /usr/local/bin/mysql/bin/mysql -h localhost -u joe -pabc123 test
Error 1045: Access denied for user: 'joe@localhost' (Using password: YES)

If user joe with a password of abc123 is allowed to connect from localhost to the myDB database, MySQL will check the actions that joe can perform in step 2 of the process. For our purposes, suppose that joe is allowed to select data but is not allowed to insert data. The sequence of events and errors would look like the following:

#> /usr/local/bin/mysql/bin/mysql -h localhost -u joe -pabc123 test
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 61198 to server version: 4.0.2-alpha-log
Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select * from test_table;
| id | test_field |
|  1 | blah       |
|  2 | blah blah  |
2 rows in set (0.0 sec)

mysql> insert into test_table values ('', 'my text');
Error 1044: Access denied for user: 'joe@localhost' (Using password: YES)

Action-based permissions are common in applications with several levels of administration. For example, if you have created an application containing personal financial data, you might grant only SELECT privileges to entry-level staff members, but INSERT and DELETE privileges to executive-level staff with security clearances.

    Part III: Getting Involved with the Code