Solved

MySQL 5.6  question about revoking an active session

Posted on 2014-02-28
3
278 Views
Last Modified: 2014-03-15
So far I experimented on a MySQL 5.6 server
I tried
grant all on *.* to 'myuser'@'%' with grant option;

all worked fine. I then tried  from myuser's  account to kill another session one of the su
per only privileges and it let me so obviously when you grant all on *.* it also grants super privileges but I assume that would be only if *.* (Global) was used

Now I then tried:
revoke super on *.* from  'myuser'@'%' ;

I then for safe measure:
flush privileges;
go back to my live session and try to kill another session and I can still kill others session
so my question here would be why don't the revokes take immediately
I could kill the active user but that seems a schlocky solution:

Any way to do this revoke on active sessions???
I did find the super privilege was revoked upon reconnect but what about live connections??
0
Comment
Question by:Robert Silver
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 22

Expert Comment

by:Rick Hobbs
ID: 39896643
The session must be disconnected for the changes to take effect similar to login permissions. Microsoft should add the capability to force permission changes as they have with GPOs
0
 
LVL 2

Author Comment

by:Robert Silver
ID: 39896953
Okay so this is specific to Windows? I had not thought of that
0
 
LVL 78

Accepted Solution

by:
arnold earned 500 total points
ID: 39897303
Microsoft used as an example, the mysql is the one enforcing the active session rights in the posed question.

On MS as long as you are accessing local resources, your rights are not re validated, if you attempt to access another resource rights will be checked and access denied in the example provided.
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Foreword In the years since this article was written, numerous hacking attacks have targeted password-protected web sites.  The storage of client passwords has become a subject of much discussion, some of it useful and some of it misguided.  Of cou…
Introduction Since I wrote the original article about Handling Date and Time in PHP and MySQL (http://www.experts-exchange.com/articles/201/Handling-Date-and-Time-in-PHP-and-MySQL.html) several years ago, it seemed like now was a good time to updat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question