On 2007-02-28 Gary W. Smith wrote:
Basically, here is the stored proc. It works, but only for root. Is it
possible to allow user to execute this without having SELECT access to
the table users? If so, how?
Do you know about the SQL SECURITY { DEFINER | INVOKER } options to
CREATE
Do you know about the SQL SECURITY { DEFINER | INVOKER } options to
CREATE PROCEDURE? With them it should be possible to
* deny selects to users on the tables
* allow selects to users to this procedure
* having the procedure itself working with the rights of root/definer
I did not, but now I
The next question is what permissions do I need to give
[EMAIL PROTECTED] to just access that one permission?
The sound of that thump thump thump is my head hitting the wall.
There is like a single small line in the GRANT section of the how to
that mentioned TABLE|PROCEDURE|FUNCTIO but none of
On 2007-02-28 Gary W. Smith wrote:
...
If I'm understanding the docs correct (which I'm probably not), I should
create the procedure with [EMAIL PROTECTED]
CREATE [EMAIL PROTECTED] PROCEDURE
Better add SQL SECURITY DEFINER to it.
..
The next question is what permissions do I need to give
Better add SQL SECURITY DEFINER to it.
I noticed that it works with and without this. I have added it to the
procedure.
Another quick question though. Since I have added the end user that
will execute the procedure it works fine, until I drop the procedure and
recreate it then I have to read
