O'Reilly logo

MySQL 8 Cookbook by Karthik Appigatla

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

The FILE privilege

Be cautious while granting the FILE privilege to any user because the user can write a file anywhere in the filesystem with privileges of the mysqld daemon, which includes the server's data directory. However, they cannot overwrite existing files. Also, users can read any file accessible to MySQL (or the user that runs mysqld) into a database table. FILE is a global privilege, meaning you cannot restrict it to a particular database:

mysql> SHOW GRANTS;+--------------------------------------------------------------------+| Grants for company_admin@%                                         |+--------------------------------------------------------------------+| GRANT FILE ON *.* TO `company_admin`@`%`                           || GRANT SELECT, INSERT, CREATE ON `company`.* TO `company_admin`@`%` ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required