Allow SELECT on specific column only

Posted on

Question :

I have a User table with 3 column; name, email, password, etc.

I would like to create another user that can only SELECT the name column.

SELECT name     FROM User;    -- Ok!
SELECT email    FROM User;    -- Not Ok!

Can this be done on MySQL?

Answer :

For this you need to grant select permission to user (MySQL User) on that particular column of table.

GRANT SELECT (name) ON MyDb.User TO 'MySQLUser'@'MySQLHost';

For explanation have a look at MySQL Documentation on column Privileges

It would typically be better to use a view to hide columns as needed and then GRANT permissions on the view.

This decouples the table structure and permssions. If you change the table or recreate it, permissions will be lost. Or add a new column that now need separate permissions.

a.k.a add some views to simplify the permission set hierarchy.

Leave a Reply

Your email address will not be published. Required fields are marked *