一、介绍
如果数据库被黑客SQL注入得到数据库用户名和密码,可以只设置指定用户IP地址可以操作数据库,可以防止黑客拖库
二、使用方法
语法: grant priv_type on mysql.user to \'user\'@\'host\' identified by \'password\' with grant option; priv_type:代表允许操作数据库的权限 user:代表数据库用户名 host:代表IP地址 password:代表设置的密码
刷新user权限表:flush privileges;
三、案例
1.设置所有数据库、所有表、任意ip可以连接数据库,授权给用户名ping并设置密码为123456
grant all on *.* to \'ping\'@\'%\' identified by \'123456\'; flush privileges;
2.授权表cloud的记录修改权限给连接ip地址是192.168.100.1和用户名是ping并且密码为123456
grant update(name,sex) on cloud to \'ping\'@\'192.168.100.1\' identified by \'123456\'; flush privileges;
四、查看数据库权限表
mysql> select * from mysql.user where host=\'localhost\'\G;
*************************** 1. row ***************************
Host: localhost
User:
Password:
Select_priv: N
Insert_priv: N
Update_priv: N
Delete_priv: N
Create_priv: N
Drop_priv: N
Reload_priv: N
Shutdown_priv: N
Process_priv: N
File_priv: N
Grant_priv: N
References_priv: N
Index_priv: N
Alter_priv: N
Show_db_priv: N
Super_priv: N
Create_tmp_table_priv: N
Lock_tables_priv: N
Execute_priv: N
Repl_slave_priv: N
Repl_client_priv: N
Create_view_priv: N
Show_view_priv: N
Create_routine_priv: N
Alter_routine_priv: N
Create_user_priv: N
Event_priv: N
Trigger_priv: N
ssl_type:
ssl_cipher:
x509_issuer:
x509_subject:
max_questions: 0
max_updates: 0
max_connections: 0
max_user_connections: 0