MySQL新建用户,授权,删除用户,修改密码
來源:http://www.cnblogs.com/analyzer/articles/1045072.html
首先要聲明一下:一般情況下,修改MySQL密碼,授權(quán),是需要有mysql里的root權(quán)限的。
注:本操作是在WIN命令提示符下,phpMyAdmin同樣適用。
????用戶:phplamp??用戶數(shù)據(jù)庫:phplampDB
1.新建用戶。
//登錄MYSQL
@>mysql?-u?root?-p
@>密碼
//創(chuàng)建用戶
mysql>?insert?into?mysql.user(Host,User,Password)?values("localhost","phplamp",password("1234"));
//刷新系統(tǒng)權(quán)限表
mysql>flush?privileges;
這樣就創(chuàng)建了一個名為:phplamp??密碼為:1234??的用戶。
然后登錄一下。
mysql>exit;
@>mysql?-u?phplamp?-p
@>輸入密碼
mysql>登錄成功
2.為用戶授權(quán)。
//登錄MYSQL(有ROOT權(quán)限)。我里我以ROOT身份登錄.
@>mysql?-u?root?-p
@>密碼
//首先為用戶創(chuàng)建一個數(shù)據(jù)庫(phplampDB)
mysql>create?database?phplampDB;
//授權(quán)phplamp用戶擁有phplamp數(shù)據(jù)庫的所有權(quán)限。
>grant?all?privileges?on?phplampDB.*?to?phplamp@localhost?identified?by?'1234';
//刷新系統(tǒng)權(quán)限表
mysql>flush?privileges;
mysql>其它操作
/*
如果想指定部分權(quán)限給一用戶,可以這樣來寫:
mysql>grant?select,update?on?phplampDB.*?to?phplamp@localhost?identified?by?'1234';
//刷新系統(tǒng)權(quán)限表。
mysql>flush?privileges;
*/
3.刪除用戶。
@>mysql?-u?root?-p
@>密碼
mysql>DELETE?FROM?user?WHERE?User="phplamp"?and?Host="localhost";
mysql>flush?privileges;
//刪除用戶的數(shù)據(jù)庫
mysql>drop?database?phplampDB;
4.修改指定用戶密碼。
@>mysql?-u?root?-p
@>密碼
mysql>update?mysql.user?set?password=password('新密碼')?where?User="phplamp"?and?Host="localhost";
mysql>flush?privileges;
?
誤解:
在做 dvwa 的 SQL 入侵演練時,通過如下 grant 語句后依然沒有權(quán)限,以至于以為 grant 語句失效。
先新建一個用戶,用戶名和密碼都是 gqltt
@>mysql -u root
mysql>grant all privileges on dvwa.* to gqltt@localhost identified by 'gqltt' with grant option;
mysql>flush privileges;
如下表明 grant 已經(jīng)成功:
mysql> select * from mysql.user where user='gqltt' \G; *************************** 1. row ***************************Host: localhostUser: gqlttPassword: *1A1A4491309AD204398CD4AA6FD550C1799D3403Select_priv: NInsert_priv: NUpdate_priv: NDelete_priv: NCreate_priv: NDrop_priv: NReload_priv: NShutdown_priv: NProcess_priv: NFile_priv: NGrant_priv: NReferences_priv: NIndex_priv: NAlter_priv: NShow_db_priv: NSuper_priv: NCreate_tmp_table_priv: NLock_tables_priv: NExecute_priv: NRepl_slave_priv: NRepl_client_priv: NCreate_view_priv: NShow_view_priv: NCreate_routine_priv: NAlter_routine_priv: NCreate_user_priv: NEvent_priv: NTrigger_priv: N Create_tablespace_priv: Nssl_type:ssl_cipher:x509_issuer:x509_subject:max_questions: 0max_updates: 0max_connections: 0max_user_connections: 0plugin:authentication_string: 1 row in set (0.00 sec)?
mysql> show grants for gqltt@localhost; +------------------------------------------------------------------------------- -------------------------------+ | Grants for gqltt@localhost| +------------------------------------------------------------------------------- -------------------------------+ | GRANT USAGE ON *.* TO 'gqltt'@'localhost' IDENTIFIED BY PASSWORD '*1A1A4491309 AD204398CD4AA6FD550C1799D3403' | | GRANT ALL PRIVILEGES ON `dvwa`.* TO 'gqltt'@'localhost' WITH GRANT OPTION| +------------------------------------------------------------------------------- -------------------------------+ 2 rows in set (0.01 sec)?
mysql> select * from information_schema.schema_privileges where grantee="'gqltt' @'localhost'"; +---------------------+---------------+--------------+-------------------------+ --------------+ | GRANTEE | TABLE_CATALOG | TABLE_SCHEMA | PRIVILEGE_TYPE |IS_GRANTABLE | +---------------------+---------------+--------------+-------------------------+ --------------+ | 'gqltt'@'localhost' | def | dvwa | SELECT |YES | | 'gqltt'@'localhost' | def | dvwa | INSERT |YES | | 'gqltt'@'localhost' | def | dvwa | UPDATE |YES | | 'gqltt'@'localhost' | def | dvwa | DELETE |YES | | 'gqltt'@'localhost' | def | dvwa | CREATE |YES | | 'gqltt'@'localhost' | def | dvwa | DROP |YES | | 'gqltt'@'localhost' | def | dvwa | REFERENCES |YES | | 'gqltt'@'localhost' | def | dvwa | INDEX |YES | | 'gqltt'@'localhost' | def | dvwa | ALTER |YES | | 'gqltt'@'localhost' | def | dvwa | CREATE TEMPORARY TABLES |YES | | 'gqltt'@'localhost' | def | dvwa | LOCK TABLES |YES | | 'gqltt'@'localhost' | def | dvwa | EXECUTE |YES | | 'gqltt'@'localhost' | def | dvwa | CREATE VIEW |YES | | 'gqltt'@'localhost' | def | dvwa | SHOW VIEW |YES | | 'gqltt'@'localhost' | def | dvwa | CREATE ROUTINE |YES | | 'gqltt'@'localhost' | def | dvwa | ALTER ROUTINE |YES | | 'gqltt'@'localhost' | def | dvwa | EVENT |YES | | 'gqltt'@'localhost' | def | dvwa | TRIGGER |YES | +---------------------+---------------+--------------+-------------------------+ --------------+ 18 rows in set (0.00 sec)
?
如果在 dvwa 演示程序中,用 gqltt 連接 DB ,則如下 sql 注入無法操作:
http://localhost:8081/dvwa/vulnerabilities/sqli/?id=1' union select user, password from mysql.user -- &Submit=Submit#
?
認(rèn)真想想也是 gqltt 用戶只有數(shù)據(jù)庫 dvwa 的所有權(quán)限,當(dāng)然無法查詢數(shù)據(jù)庫 mysql 的 user 表。
?
如果想讓一個用戶有像 root 一樣的權(quán)限,如下操作
mysql> grant all privileges on *.* to gqltt@localhost identified by 'gqltt' withgrant option;這樣再次查詢 mysql.user 時候,就有所有的權(quán)限了。
mysql> select * from mysql.user where user='gqltt' \G; *************************** 1. row ***************************Host: localhostUser: gqlttPassword: *1A1A4491309AD204398CD4AA6FD550C1799D3403Select_priv: YInsert_priv: YUpdate_priv: YDelete_priv: YCreate_priv: YDrop_priv: YReload_priv: YShutdown_priv: YProcess_priv: YFile_priv: YGrant_priv: YReferences_priv: YIndex_priv: YAlter_priv: YShow_db_priv: YSuper_priv: YCreate_tmp_table_priv: YLock_tables_priv: YExecute_priv: YRepl_slave_priv: YRepl_client_priv: YCreate_view_priv: YShow_view_priv: YCreate_routine_priv: YAlter_routine_priv: YCreate_user_priv: YEvent_priv: YTrigger_priv: Y Create_tablespace_priv: Yssl_type:ssl_cipher:x509_issuer:x509_subject:max_questions: 0max_updates: 0max_connections: 0max_user_connections: 0plugin:authentication_string: 1 row in set (0.00 sec)
?
總結(jié)
以上是生活随笔為你收集整理的MySQL新建用户,授权,删除用户,修改密码的全部內(nèi)容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Java加密与解密的艺术~数字证书~证书
- 下一篇: 星级评分--演进式部署