Tuesday, April 19, 2011

Explaining what the default PROXY privilege for root does

In a default MySQL 5.5.8 installation there is one PROXY privilege:

GRANT PROXY ON ''@'' TO 'root'@'localhost' WITH GRANT OPTION

What this does is:
If USER() and CURRENT_USER() don't match root is still allowed to grant the proxy privilege.

So if you connect using someuser@localhost using LDAP and LDAP tells you're root then you're still allowed to grant proxy privileges. This will only work if your user has the privilege to proxy to root.

The documentation for PROXY is here.


  1. This comment has been removed by a blog administrator.

  2. This comment has been removed by a blog administrator.

  3. A Proxy can save you from this.popcorn time When you are associated with the Proxy, your IP address is covered up.

  4. You have made some decent points there. I looked on the internet for more information about the issue and found most people will go along with your views on this web site. vpnveteran

  5. The most inspiring stuff commonly is probably the most dull or boring concern. a single rooster may not be in the same woody plant strip very long, and also the pets within the pine is a kind of weight, always want to consult the next stars, the particular fowl because the plants are really hesitant to facial expression an equal beautiful places day by day. visita il sito