Solved

MySQL 5.6  question about revoking an active session

Posted on 2014-02-28
3
264 Views
Last Modified: 2014-03-15
So far I experimented on a MySQL 5.6 server
I tried
grant all on *.* to 'myuser'@'%' with grant option;

all worked fine. I then tried  from myuser's  account to kill another session one of the su
per only privileges and it let me so obviously when you grant all on *.* it also grants super privileges but I assume that would be only if *.* (Global) was used

Now I then tried:
revoke super on *.* from  'myuser'@'%' ;

I then for safe measure:
flush privileges;
go back to my live session and try to kill another session and I can still kill others session
so my question here would be why don't the revokes take immediately
I could kill the active user but that seems a schlocky solution:

Any way to do this revoke on active sessions???
I did find the super privilege was revoked upon reconnect but what about live connections??
0
Comment
Question by:Robert Silver
3 Comments
 
LVL 22

Expert Comment

by:rickhobbs
ID: 39896643
The session must be disconnected for the changes to take effect similar to login permissions. Microsoft should add the capability to force permission changes as they have with GPOs
0
 
LVL 2

Author Comment

by:Robert Silver
ID: 39896953
Okay so this is specific to Windows? I had not thought of that
0
 
LVL 76

Accepted Solution

by:
arnold earned 500 total points
ID: 39897303
Microsoft used as an example, the mysql is the one enforcing the active session rights in the posed question.

On MS as long as you are accessing local resources, your rights are not re validated, if you attempt to access another resource rights will be checked and access denied in the example provided.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

I use MySQL for many of my development projects in a Windows environment. To manage my databases (and perform queries) for years I used a tool called MySQL administrator.  This tool has since been replaced by MySQL Workbench. So I decided to m…
Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now