Finding User Accounts With Strong Privileges
Last updated on MARCH 31, 2017
Applies to:MySQL Server - Version 4.0 and later
Certain MySQL account privileges can be a security risk and should only be granted to trusted users when necessary.
- The FILE privilege allows a user to read and write files on the database server. This could be used to obtain access to private files and data
- The PROCESS privilege allows the user to monitor queries that are currently being executed.
- The SHUTDOWN privilege allows a user to shutdown the server. Not a good privileges to allow just any user.
- And the GRANT TO privilege allows a user to grant privileges to other users.
All of these privileges can easily be abused and cause many problems.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms