I have a stored procedure in database a that contains dynamic sql to perform an insert into a table in database b. What permissions does the executing user need on database b?
Mysql – What permissions do I need if database a contains a stored procedure that inserts into a table in database b (same machine)
MySQLpermissionsstored-procedures
Related Question
- Sql-server – Stored Procedure as Create Table proxy
- MySQL – Stored Procedure User Privilege Management
- SQL Server – CREATE and DROP TABLE Permissions in Stored Procedures
- T-SQL – Script Execute Permissions on Stored Procedure
- SQL Server – Metadata Not Determined Due to Dynamic SQL in Stored Procedure
- SQL Server – Understanding _localserver_view in MSDB Database Table
- SQL Server – Executing a Stored Procedure Which Selects and Inserts into Tables
- Sql-server – How to grant execute permissions to a stored procedure but not to the underlying databases
Best Answer
It all depends on how the Stored Procedure was created
In the table
mysql.proc(physical home of Stored Procedures), there is am ENUM column calledsecurity_typedefined asenum('INVOKER','DEFINER').If a Stored Procedure was defined as
DEFINERand the calling user has the EXECUTE privilege, then all grants are proxied and the calling user can run everything in the Stored Procedure. Nevertheless, you will be able to run it.If a Stored Procedure was defined as
INVOKER, then the calling user needs to have all necessary grants before the calling user can run everything in the Stored Procedure.If you are in database A running
CALL B.MyProc()as myuser@'%', thenmyuser@'%'needs to have the EXECUTE privilege to even call Stored Procedures.In your case, if you are in database A running
CALL MyProc()as myuser@'%', then myuser@'%' needs the database-level grants to database B defined. SUGGESTION: Move the Stored Procedure to database B, give the user the EXECUTE privilege and run runningCALL B.MyProc().