Mini SQL Access Control.
-----------------------

Access control is managed by the msql.acl file in the installation directory. This file is split into entries for each database to be controlled. If the file doesn't exist or details for a particular database aren't configured, access reverts to global read/write. An example entry is included below.

---------------
# Sample access control for mSQL
database=test
read=bambi,paulp,-*
write=root
host=*.Bond.edu.au
access=local,remote

---------------

Using this definition, database 'test' can be accessed by both local and remote connections from any host in the Bond.edu.au domain. Read access is granted to bambi and paulp and denied for everyone else. Write access is only available to root.

Control is based on the first match found for a given item. So, a line such as "read=-*,bambi" would not deny access to everyone other than bambi because -* will also match bambi. In this case the line would have to be "read=bambi,-*".

Note that if a match isn't made for a particular item, it defaults to a denial. For example, if there is no "read" line (i.e. there are no read tokens after the data is loaded) nobody will be granted read access. This is in contrast to the action taken if the entire database definition is missing, in which case access to everything is granted.

Another thing to note is that a database's entry _must_ be followed by a blank line to signify the end of the entry. There may also be multiple config lines in the one entry (such as "read=bambi,paulp" "read=root"). The data will be loaded as though it was concatenated onto the same "read" line (i.e. "read=bambi,paulp,root").

The acl info can be reloaded at runtime using "msqladmin reload". This will parse the file before it sends the reload command to the engine. Only if the file is parsed cleanly is it reloaded. Like all msqladmin commands, it will only be accepted if generated by the root user (or whoever the database was installed as) on the localhost.
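
The matching rules above, worked through as an added Python example (it is not part of mSQL or of the original document). The function names, the second "misordered" entry and the use of fnmatch-style globbing for "*" are assumptions made for illustration.

```python
from fnmatch import fnmatchcase

SAMPLE_ACL = """\
# Constructed sample: the page's entry, then one with a misordered read line
database=test
read=bambi,paulp,-*
write=root
host=*.Bond.edu.au
access=local,remote

database=misordered
read=-*,bambi
write=root
write=paulp
host=*
access=local
"""

def parse_acl(text):
    """Return {database: {key: [tokens]}}; a blank line ends an entry."""
    acl, entry = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            entry = entry if line else None   # only a blank line closes the entry
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if key == "database":
            entry = acl.setdefault(value, {})
        elif entry is not None:
            tokens = [t.strip() for t in value.split(",") if t.strip()]
            entry.setdefault(key, []).extend(tokens)  # repeated keys concatenate
    return acl

def first_match(tokens, value):
    """The first token matching value decides; '-' denies; no match denies."""
    for tok in tokens:
        if fnmatchcase(value, tok.removeprefix("-")):
            return not tok.startswith("-")
    return False

def allowed(acl, db, user, host, conn, mode):
    # mode is "read" or "write"; conn is "local" or "remote"
    entry = acl.get(db)
    if entry is None:
        return True   # no entry for this database: global read/write
    return (first_match(entry.get(mode, []), user)
            and first_match(entry.get("host", []), host)
            and first_match(entry.get("access", []), conn))
```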