On Tue, 29 Apr 2008 20:13:27 GMT, Chuck wrote:

> I'm a little fuzzy on the exact meanings of the columns in the grant
> tables and the docs at mysql.com aren't very clear either. Is there
> a query I can write to determine who has the ability to run "drop
> database"?
>
> Would it be this?
>
> select host,user
> from mysql.user
> where drop_priv = 'Y';

This will pick up the users with global drop privs.

> Searching the docs for "drop_priv" brings up a page that lumps
> together the column defs for several of the grant tables but doesn't
> clearly state whether mysql.user.drop_user is for "drop table", "drop
> database", or both.

You'll find drop privs listed also in mysql.db for the individual
databases, and mysql.tables_priv if you want to get down that far.

In short, the list of IDs that can drop a database is those with
drop_priv ='Y' in users union those with db.drop_priv = 'Y' AND
user.drop_priv = 'N'

--
81. If I am fighting with the hero atop a moving platform, have disarmed him,
and am about to finish him off and he glances behind me and drops flat, I
too will drop flat instead of quizzically turning around to find out what
he saw. --Peter Anspach's list of things to do as an Evil Overlord