What are definer and invoker rights in database, Oracle and MySQL? I just don't get it.
Database – Definer and Invoker Rights in Oracle and MySQL
MySQLoracle
Related Question
- Mysql – Database user specified as a definer
- Mysql – In creating view use SQL Security definer or invoker
- What all to start for oracle database server
- MySQL – Problems caused by SQL Security definer or invoker
- Thesqldump error on common_schema
- What are the risks of changing oracle sys password
- Why Oracle Query Fails with Invoker Rights
- MySQL 8.0.22 Trigger Issue – Requires Definer to Be Logged In
Best Answer
Let's take a simple example:
You have this procedure using "definer rights" - which is the default in Oracle.
Another user who calls this procedure only needs
EXECUTE
privilege for this procedure, it is not required that such user hasDELETE
privilege on table EMP.Procedure runs under permission of the procedure owner (or user who defined it, thus it is called "definer" rights).
"Inovker Rights" is the opposite. A user who likes to runs this procedure successfully must have
EXECUTE
privilege for this procedure andDELETE
privilege for table EMP.There are some more points regarding definer and invoker rights but for a general understanding this should be enough.