Permissions and Security Under MySQL

First, if this database will hold any sensitive information, you need a password to access the root account. Otherwise, anyone can change and grant permissions on every database and table inside MySQL without a password.

To do this, issue the following commands from the console:

mysqladmin -uroot password <password>

Here, <password> is the password that you want to assign to the root user.

Access can be controlled on a site, database, or table basis to a combination of specific users, hosts, and users at hosts.

Users are not explicitly created, but are created using grant statements. For example, now that you have a database called TestDB, create a user called DbUser who has permission to read, but not write ...

Get MySQL™ and JSP™ Web Applications: Data-Driven Programming Using Tomcat and MySQL now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.