Oracle 5.0 Reference Manual page 598

• The [578] privilege enables you to select rows from tables in a database.
SELECT
statements require the
statements do not access tables and can be executed without permission for any database.
SELECT
For example, you can use
reference to tables:
SELECT 1+1;
SELECT PI()*2;
The [578] privilege is also needed for other statements that read column values.
SELECT
For example,
SELECT
assignment in
col_name=expr
or
DELETE UPDATE
• The
SHOW DATABASES
statement. Accounts that do not have this privilege see only databases for which
SHOW DATABASE
they have some privileges, and cannot use the statement at all if the server was started with the
skip-show-database
• The [578]
SHOW VIEW
MySQL 5.0.1.
• The [578]
SHUTDOWN
corresponding SQL statement.
• The [578] privilege enables an account to use
SUPER
to kill threads belonging to other accounts (you can always kill your own threads),
kill
LOGS, configuration changes using
BINARY
mysqladmin debug
[488] system variable is enabled, starting and stopping replication on slave servers,
read_only
specification of any account in the
you to connect (once) even if the connection limit controlled by the
variable is reached.
To create or alter stored routines if binary logging is enabled, you may also need the
privilege, as described in
• The [578] privilege enables rows to be updated in tables in a database.
UPDATE
• The [578] privilege specifier stands for "no privileges." It is used at the global level with
USAGE
to modify account attributes such as resource limits or SSL characteristics without affecting
GRANT
existing account privileges.
It is a good idea to grant to an account only those privileges that it needs. You should exercise
particular caution in granting the
• The [577] privilege can be abused to read into a database table any files that the MySQL
FILE
server can read on the server host. This includes all world-readable files and files in the server's data
directory. The table can then be accessed using
• The
GRANT OPTION
that have different privileges and with the
privileges.
• The [576] privilege may be used to subvert the privilege system by renaming tables.
ALTER
• The [578]
SHUTDOWN
the server.
• The [577]
PROCESS
including statements that set or change passwords.
Privileges Provided by MySQL
[578] privilege only if they actually retrieve rows from a table. Some
SELECT
as a simple calculator to evaluate expressions that make no
SELECT
[578] is needed for columns referenced on the right hand side of
statements or for columns named in the
UPDATE
statements.
[578] privilege enables the account to see database names by issuing the
[421] option. Note that any global privilege is a privilege for the database.
privilege enables use of
privilege enables use of the
command, enabling or disabling logging, performing updates even if the
DEFINER
Section 18.6, "Binary Logging of Stored
[577] and administrative privileges:
FILE
[577] privilege enables users to give their privileges to other users. Two users
GRANT OPTION
privilege can be abused to deny service to other users entirely by terminating
privilege can be used to view the plain text of currently executing statements,
578
VIEW. This privilege was added in
SHOW CREATE
mysqladmin shutdown
CHANGE MASTER
to modify global system variables, the
SET GLOBAL
attribute of stored programs and views, and enables
max_connections
Programs".
to transfer its contents to the client host.
SELECT
[577] privilege are able to combine
SELECT
clause of
WHERE
command. There is no
or
TO, KILL mysqladmin
PURGE
[467] system
[578]
SUPER
--