SQL SECURITY [CORE5568] #5835
Assignees
Comments
Modified by: @romansimakovassignee: Roman Simakov [ roman-simakov ] |
|
Commented by: @romansimakov Mainly implemented by: |
Modified by: @romansimakovstatus: Open [ 1 ] => Resolved [ 5 ] resolution: Fixed [ 1 ] Fix Version: 4.0 Alpha 1 [ 10731 ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Submitted by: @romansimakov
Makes it possible to execute some objects with permissions of either definer or invoker.
By default INVOKER is used to keep backward compatibility.
If INVOKER is specified a current set of privileges of the current user will be used.
If DEFINER - a set of privileges of object owner will be used to check an access to database objects used by this object.
Trigger inherits SQL SECURITY option from TABLE but can overwrite it by explicit specifying. If SQL SECURITY option
will be changed for table, existing triggers without explicitly specified option will not use new value immediately
it will take effect next time trigger will be loaded into metadata cache.
For procedures and functions defined in package explicit SQL SECURITY clause is prohibit.
The text was updated successfully, but these errors were encountered: