mysql：具有授權選項的數據庫特定用戶權限委託

Question

我在朋友之間建立了共享Web服務器設置。每個網站都有自己的數據庫。我希望能夠將每個數據庫的用戶管理委派給數據庫的所有者。這樣他們就可以爲他們的Web應用程序創建賬戶來訪問他們特定的表格，但如果特定的應用程序受到攻擊，它們也不會四處遊蕩。

爲了進一步通過舉例的方式澄清一下，我想是這樣的：

Database server at : db.hosting.coop 
db root user : root@db.hosting.coop <full permissions as root> 

website and database 1: foo.com 
foo.com db user : foo@db.hosting.coop <full permissions on database foo, with ability to grant user access to database foo, granted by root@db.hosting.coop> 
foo.coms rails app db user : foorails@localhost <select,insert,update,delete on foo.*, granted by foo@db.hosting.coop> 

website and database 2: bar.com 
bar.com db user : bar@% <full permissions on database foo, with grant, granted by root@db.hosting.coop> 
bar.coms php app db user : bar_website@localhost <select,insert,update,delete on bar.*, granted by bar@db.hosting.coop> 

Answer 1

以root身份：

GRANT CREATE USER ON *.* TO 'foo'@'%'; 
GRANT ALL PRIVILEGES ON `foo.com`.* TO 'foo'@'%' WITH GRANT OPTION; 

爲Foo：

CREATE USER 'foorails'@'%' IDENTIFIED BY 'secret'; 
GRANT SELECT ON `foo.com`.* TO 'foorails'@'%' 

與他人

同樣