I don't feel strongly about either way without the details of how this is to be used, but I do have a few pointers you might use to push either case:

. performance: if your user table contains variable length fields (varchar, blob, text), it could make sense to move accprivs to another table without them. enum fields or fixed length fields only allows MySQL to use a faster table format.

. If the "bitmap" is one database field, you fail the 1st normal form of database design.

. If any priviledge depends on another priviledge, the database would not be in the 3rd normal form untill you split privileges into more tables

tiago