How do you exclude one table access from a database with too many tables? In previous versions of MariaDB and MySQL, you have to specifically grant access to all other tables individually. This does not scale, especially if tables are created and dropped frequently.
Reverse privileges solve this problem and many other use cases. With just one SQL statement you can ensure a user can never access a resource, regardless which roles or other privileges are granted to it.
Reverse privileges do not work in a vacuum, so we will start with a broad view of the full privilege system, before diving into the specifics of denying access to resources.
Vicentiu works at the MariaDB Foundation as a Software Engineer. He focuses on Optimizer development, but has also worked on other parts of the MariaDB Server.
Notable projects include:
Window Functions in MariaDB
Custom Aggregate Functions in MariaDB
Roles in MariaDB