12 Feb
2003
12 Feb
'03
10 a.m.
Garvin Hicking wrote:
<quote who="Marc Delisle">
In main.php3, $dbh is used to look into the mysql.* tables. But if
not controluser is defined, $dbh will contain $userlink, and, for
PMA_MYSQL_INT_VERSION >= 32304
we then use a SHOW GRANTS to get the information. So with no controluser,
my non-privileged user sees all his databases in the left pane, and he sees
the Create database dialog because he has a wildcard db CREATE priv.
So maybe we should rephrase in the doc, to talk about the MySQL version
where the controluser really needs privs on the mysql db.
Marc
Can someone find a reason why the controluser
should have rights to the "mysql"
database, as we state in the doc?
As far as I can see, it is used to define which links shall be available in
main.php3 (see line 177 in this file). It also gets the list of available DBs for
that user in common.lib.php3 (line 778 onwards).
Or did I misunderstand your initial question?