Users and privileges

Last reviewed Jun 1, 2026 Content v20260601

Track mode

sql_sandbox

Means

SQL sandbox

Reading

~1 min

Level

advanced

This lesson

This lesson teaches Users and privileges: the SQL patterns, schema habits, and query reasoning you need before advancing in MySQL.

Teams query Users and privileges on every MySQL codebase—skipping it leaves gaps in debugging and data reviews.

You will apply Users and privileges in contexts like: Shared hosting with limited SUPER—least-privilege users per app database.

Copy MySQL SQL into the mysql client, local MySQL/MariaDB, or DB Fiddle (MySQL dialect)—use DESCRIBE and EXPLAIN where lessons show them. The in-browser lab ships later; mysql client is the practice path now.

When InnoDB, indexes, and EXPLAIN from intermediate lessons make sense in the mysql client.

Grant least privilege: app user with SELECT/INSERT/UPDATE/DELETE on one database—not SUPER on production.

Create user and grant

CREATE USER 'app_rw'@'%' IDENTIFIED BY 'CHANGE_ME';
GRANT SELECT, INSERT, UPDATE, DELETE ON practice.* TO 'app_rw'@'%';
FLUSH PRIVILEGES;

Use strong passwords and restrict host ('app'@'10.%') in production.

Show grants

SHOW GRANTS FOR CURRENT_USER();

Important interview questions and answers

Q: FLUSH PRIVILEGES?
A: Reloads grant tables—needed after manual grant table edits.
Q: Root in app?
A: Never—compromise becomes full cluster control.

Self-check

Minimum grants for app CRUD?
Why not use root in Laravel .env?

Tip: App role: CRUD on one DB only—never SUPER.

Interview prep

Least privilege?: App user limited to one database CRUD.
GRANT?: Assigns privileges to user@host.

Discussion

Past discussion is visible to everyone. Only logged-in users can post comments and replies.

Starter discussion topics

App not root?
GRANT scope?

No discussion yet. Be the first to ask a question.