The MySQL grant system takes stored routines into account as follows:
The CREATE ROUTINE
privilege is
needed to create stored routines.
The ALTER ROUTINE
privilege is
needed to alter or drop stored routines. This privilege is
granted automatically to the creator of a routine if
necessary, and dropped when the routine creator drops the
routine.
The EXECUTE
privilege is
required to execute stored routines. However, this privilege
is granted automatically to the creator of a routine if
necessary (and dropped when the creator drops the routine).
Also, the default SQL SECURITY
characteristic for a routine is DEFINER
,
which enables users who have access to the database with which
the routine is associated to execute the routine.
If the
automatic_sp_privileges
system variable is 0, the
EXECUTE
and
ALTER ROUTINE
privileges are
not automatically granted and dropped.
The server manipulates the mysql.proc
table in
response to statements that create, alter, or drop stored
routines. It is not supported that the server will notice manual
manipulation of this table.
User Comments
Add your own comment.