> Do you know about the "SQL SECURITY { DEFINER | INVOKER }" options to > CREATE PROCEDURE? With them it should be possible to > * deny selects to users on the tables > * allow selects to users to this procedure > * having the procedure itself working with the rights of root/definer
I did not, but now I do. Do in this case, I have two users. User 1 svreader has limited select access to the database (specifically tables that do prevent disclosure of information). User 2 is svreaderauth has full select access to the database. If I'm understanding the docs correct (which I'm probably not), I should create the procedure with [EMAIL PROTECTED] CREATE [EMAIL PROTECTED] PROCEDURE sp_testlogin( P_user_name VARCHAR(32), P_password VARCHAR(32) ) BEGIN SELECT user_id, user_fullname, date_last_login FROM users WHERE user_name = P_user_name AND user_password = P_password; END Is this correct? The next question is what permissions do I need to give [EMAIL PROTECTED] to just access that one permission? -- MySQL General Mailing List For list archives: http://lists.mysql.com/mysql To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]