DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

(mysql.info.gz) Privileges options

Info Catalog (mysql.info.gz) Security against attack (mysql.info.gz) Security (mysql.info.gz) LOAD DATA LOCAL
 
 5.4.3 Startup Options for `mysqld' Concerning Security
 ------------------------------------------------------
 
 The following `mysqld' options affect security:
 
 `--local-infile[={0|1}]'
      If you start the server with `--local-infile=0', clients cannot use
      `LOCAL' in `LOAD DATA' statements.   `LOAD DATA LOCAL' LOAD
      DATA LOCAL.
 
 `--old-passwords'
      Force the server to generate short (pre-4.1) password hashes for
      new passwords. This is useful for compatibility when the server
      must support older client programs.   Password hashing.
 
 `--safe-show-database'
      With this option, the `SHOW DATABASES' statement displays the names
      of only those databases for which the user has some kind of
      privilege.  As of MySQL 4.0.2, this option is deprecated and
      doesn't do anything (it is enabled by default), because there is a
      `SHOW DATABASES' privilege that can be used to control access to
      database names on a per-account basis.  `GRANT' GRANT.
 
 `--safe-user-create'
      If this is enabled, a user cannot create new users with the `GRANT'
      statement unless the user has the `INSERT' privilege for the
      `mysql.user' table.  If you want a user to have the ability to
      create new users with those privileges that the user has right to
      grant, you should grant the user the following privilege:
 
           mysql> GRANT INSERT(user) ON mysql.user TO 'USER_NAME'@'HOST_NAME';
 
      This will ensure that the user can't change any privilege columns
      directly, but has to use the `GRANT' statement to give privileges
      to other users.
 
 `--secure-auth'
      Disallow authentication for accounts that have old (pre-4.1)
      passwords.  This option is available as of MySQL 4.1.1.
 
 `--skip-grant-tables'
      This option causes the server not to use the privilege system at
      all. This gives everyone _full access_ to all databases!  (You can
      tell a running server to start using the grant tables again by
      executing a `mysqladmin flush-privileges' or `mysqladmin reload'
      command, or by issuing a `FLUSH PRIVILEGES' statement.)
 
 `--skip-name-resolve'
      Hostnames are not resolved.  All `Host' column values in the grant
      tables must be IP numbers or `localhost'.
 
 `--skip-networking'
      Don't allow TCP/IP connections over the network.  All connections
      to `mysqld' must be made via Unix socket files.  This option is
      unsuitable when using a MySQL version prior to 3.23.27 with the
      MIT-pthreads package, because Unix socket files were not supported
      by MIT-pthreads at that time.
 
 `--skip-show-database'
      With this option, the `SHOW DATABASES' statement is allowed only to
      users who have the `SHOW DATABASES' privilege, and the statement
      displays all database names.  Without this option, `SHOW
      DATABASES' is allowed to all users, but displays each database
      name only if the user has the `SHOW DATABASES' privilege or some
      privilege for the database.
 
 
Info Catalog (mysql.info.gz) Security against attack (mysql.info.gz) Security (mysql.info.gz) LOAD DATA LOCAL
automatically generated byinfo2html