MariaDB Read-Only user can't see database, why?



  • I have 2 users, one with ALL grants, another with SELECT only. User 1 can see the database, not user 2, why?

    Read-only user:

    MariaDB [(none)]> SHOW GRANTS FOR 'readonly'@'%';
    +------------------------------------------------------------------------------------------------------+
    | Grants for readonly@%                                                                                   |
    +------------------------------------------------------------------------------------------------------+
    | GRANT USAGE ON *.* TO `readonly`@`%` IDENTIFIED BY PASSWORD '*854D73C4F9D2019568DEA092DA192405FAD90F77' |
    | GRANT SELECT ON `database`.* TO `readonly`@`%`                                                           |
    +------------------------------------------------------------------------------------------------------+
    2 rows in set (0.001 sec)
    

    mysql -u readonly -e "SHOW DATABASES;"

    +--------------------+
    | Database |
    +--------------------+
    | information_schema |
    +--------------------+
    1 row in set (0.001 sec)

    Full-grants user:

    MariaDB [(none)]> SHOW GRANTS FOR 'fullgrants'@'%';
    +--------------------------------------------------------------------------------------------------------+
    | Grants for fullgrants@%                                                                                   |
    +--------------------------------------------------------------------------------------------------------+
    | GRANT USAGE ON *.* TO `fullgrants`@`%` IDENTIFIED BY PASSWORD '*72A473061F48961B5B0EB890CFEA4B9698A569E9' |
    | GRANT ALL PRIVILEGES ON `database`.* TO `fullgrants`@`%`                                                   |
    +--------------------------------------------------------------------------------------------------------+
    2 rows in set (0.001 sec)
    

    mysql -u fullgrants -e "SHOW DATABASES;"

    +--------------------+
    | Database |
    +--------------------+
    | information_schema |
    | database |
    +--------------------+
    2 rows in set (0.002 sec)



  • You aren't actually connected as the readonly user. If you select current_user(), you'll see an anonymous user that hasn't got any privileges on the database.




Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2