[debian-mysql] Bug#512309: Bug#512309: debian-sys-maint has insufficient permissions on MySQL 5.0

Thomas Gelf thomas at gelf.net
Tue Jan 20 12:42:36 UTC 2009


Norbert Tretkowski schrieb:
> Why should someone run such queries with the debian-sys-maint user? This
> user exists only for starting and stopping mysqld.

This was just an example - debian-sys-maint is thought to be used by
every package requiring creation of a mysql database, user's and per-
missions. Time ago (before MySQL provided views & co) debian-sys-maint
had "ALL PERMISSIONS" - right now it doesn't do so any more.

Third-party-scripts been able to create users with all permissions to
their database able to run with MySQL 4 are probably "broken" on MySQL
5 - an issue you are able to avoid by writing directly to the mysql-
table, but this is not what MySQL want's you to do.

There is absolutely no reason why debian-sys-maint, able to write to
the mysql table (and after doing so, issuing "FLUSH PRIVILEGES")
shouldn't also be able to achieve the same effect doing it "the right
way", by using GRANT.

Best regards,
Thomas Gelf







More information about the pkg-mysql-maint mailing list