Tuesday, April 19, 2011

Explaining what the default PROXY privilege for root does

In a default MySQL 5.5.8 installation there is one PROXY privilege:

GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION

What this does is:
If USER() and CURRENT_USER() don't match root is still allowed to grant the proxy privilege.

So if you connect using someuser@localhost using LDAP and LDAP tells you're root then you're still allowed to grant proxy privileges. This will only work if your user has the privilege to proxy to root.

The documentation for PROXY is here.
Posted by Daniël van Eeden at 2:45 PM

19 comments:

  1. David WarnerSeptember 28, 2013 at 2:48 PM

    This comment has been removed by a blog administrator.

    ReplyDelete
  2. Julia DavidAugust 30, 2014 at 10:52 AM

    This comment has been removed by a blog administrator.

    ReplyDelete
  3. FrankMay 28, 2018 at 7:12 PM

    A Proxy can save you from this.popcorn time When you are associated with the Proxy, your IP address is covered up.

    ReplyDelete
  4. mona martinSeptember 8, 2018 at 3:10 PM

    You have made some decent points there. I looked on the internet for more information about the issue and found most people will go along with your views on this web site. vpnveteran

    ReplyDelete
  5. MatiasSeptember 16, 2018 at 7:43 PM

    The most inspiring stuff commonly is probably the most dull or boring concern. a single rooster may not be in the same woody plant strip very long, and also the pets within the pine is a kind of weight, always want to consult the next stars, the particular fowl because the plants are really hesitant to facial expression an equal beautiful places day by day. visita il sito

    ReplyDelete
  6. Ella lilySeptember 24, 2018 at 3:03 PM

    I know your aptitude on this. I should say we ought to have an online discourse on this. Composing just remarks will close the talk straight away! What's more, will confine the advantages from this data.  diebestenvpn

    ReplyDelete
  7. MatiasSeptember 27, 2018 at 9:25 PM

    The website is looking bit flashy and it catches the visitors eyes. Design is pretty simple and a good user friendly interface. VPN

    ReplyDelete
  8. Alex dainaSeptember 28, 2018 at 2:46 PM

    In any case, regardless of whether you can envision the idea driving on the web check liquidating or not, the innovation really exists.Check Cashing Lemon-Grove

    ReplyDelete
  9. mona martinOctober 8, 2018 at 11:48 PM

    Great post i must say and thanks for the information. Education is definitely a sticky subject. However, is still among the leading topics of our time. I appreciate your post and look forward to more home cleaning new york https://weneedprivacy.com

    ReplyDelete
  10. James harperOctober 13, 2018 at 2:35 PM

    I'm impressed, I must say. Very rarely do I come across a blog thats both informative and entertaining, and let me tell you, you ve hit the nail on the head. Your blog is important.. https://www.lemigliorivpn.com

    ReplyDelete
  11. royNovember 13, 2018 at 10:37 AM

    Attempt restoring the Contivity association by tapping the Connect catch. On the off chance that this works, the association was most likely lost because of the Idle Timeout arranged on the Contivity VPN Switch. https://www.router-reset.com/can-isp-see-vpn/

    ReplyDelete
  12. Ella lilyNovember 26, 2018 at 1:32 PM

    I truly value this superb post that you have accommodated us. I guarantee this would be helpful for a large portion of the general population. thebestvpn

    ReplyDelete
  13. Michael SmithNovember 29, 2018 at 1:41 AM

    I'm impressed, I must say. Very rarely do I come across a blog thats both informative and entertaining, and let me tell you, you ve hit the nail on the head. Your blog is important.. https://gizlilikveguvenlik.com

    ReplyDelete
  14. James harperNovember 30, 2018 at 12:45 AM

    I am happy to find your distinguished way of writing the post. Now you make it easy for me to understand and implement the concept. Thank you for the post. debeste vpn

    ReplyDelete
  15. Ella lilyDecember 25, 2018 at 8:53 PM

    Extremely intriguing online journal. A lot of web journals I see nowadays don't generally give anything that I'm keen on, however I'm most definitely inspired by this one. Recently felt that I would post and let you know. vpnveteran

    ReplyDelete
  16. MatiasMarch 1, 2019 at 9:51 PM

    Just admiring your work and wondering how you managed this blog so well. It’s so remarkable that I can't afford to not go through this valuable information whenever I surf the internet!  https://www.lesmeilleursvpn.com

    ReplyDelete
  17. Jims lindaMarch 3, 2019 at 8:49 PM

    Intriguing post. I Have Been pondering about this issue, so much obliged for posting. Really cool post.It "s truly extremely pleasant and Useful post.Thanks besuche die Website

    ReplyDelete
  18. Michael SmithMarch 6, 2019 at 8:17 PM

    This is my first time i visit here. I found such a substantial number of interesting stuff in your blog especially its examination. Really its inconceivable article. Keep it up. internet privatsphare

    ReplyDelete
  19. James harperMarch 11, 2019 at 2:42 PM

    This is such a great resource that you are providing and you give it away for free. I love seeing blog that understand the value of providing a quality resource for free. lemigliorivpn

    ReplyDelete

Subscribe to: Post Comments (Atom)