The task is the following - you need to allow working with the database only through stored procedures.
Is it possible to restrict access in MySQL to simple operations: SELECT, UPDATE, DELETE, etc., so that these operations work in stored procedures / functions?
When creating a procedure, you can specify its creator (by default, this is CURRENT_USER) and the rights with which it is executed. The rights can be DEFINER (execute with the rights of the creator) and INVOKER (execute with the rights of the calling user). Thus, the procedure
CREATE DEFINER = 'root'@'localhost' PROCEDURE sp_name SQL SECURITY DEFINER BEGIN .......... END can do anything, regardless of what rights the caller has
Source: https://ru.stackoverflow.com/questions/571853/
All Articles