galinette
Reputation: 9292
Execute a mysql stored procedure from the definer account, without execute privileges
I created a stored procedure in my mariaDB database. The definer is a restricted user which has no EXECUTE privilege (at db, table, and procedure levels).
But I can successfully execute this procedure from this account.
Is this a normal behavior, that the definer may execute the procedure even if it has no EXECUTE privilege?
Upvotes: 2
Views: 480
Answers (1)
vhu
Reputation: 12788
This is normal behavior. From the manual:
The EXECUTE privilege is required to execute stored routines. However, this privilege is granted automatically to the creator of a routine if necessary (and dropped from the creator when the routine is dropped). Also, the default SQL SECURITY characteristic for a routine is DEFINER, which enables users who have access to the database with which the routine is associated to execute the routine.
Upvotes: 2
Related Questions
- Mysql Procedure Error (execute command denied to user)
- Grant Execute Function permission to another user
- Allow non-SELECT permission user to run MySQL stored procedure which has SELECT query
- Possible to have multiple users as DEFINER for MySQL Stored Procedure?
- How to grant a user access to all stored procedures on mysql?
- Allow GRANT in procedures?
- Permissions to create and run stored procedure
- How to grant execute on specific stored procedure to user
- Stored procedure privilege error
- How to grant EXECUTE Stored Procedure for a user in mysql