[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Permissions on UU tables

To: uu@total-knowledge.com
Subject: Re: Permissions on UU tables
From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
Date: Tue, 23 Mar 2010 08:34:18 +0200
Delivered-to: mailing list uu@total-knowledge.com
In-reply-to: <a75bc3cf1003221523t5922e92fi52d64f92bd89d193@mail.gmail.com>
Mailing-list: contact uu-help@total-knowledge.com; run by ezmlm
References: <4BA79ED9.40005@total-knowledge.com> <a75bc3cf1003221330g487bba8cr63cb2343b4a08386@mail.gmail.com> <4BA7D943.2040901@total-knowledge.com> <a75bc3cf1003221523t5922e92fi52d64f92bd89d193@mail.gmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.8) Gecko/20100318 Thunderbird/3.0.3

On 03/23/10 00:23, Alexey Parshin wrote:
> Yeap. Usually that user is a DBA that created the database.
>
> On 23 March 2010 07:55, Ilya A. Volynets-Evenbakh
> <ilya@total-knowledge.com>wrote:
>
>   
>> Aha. So the key here is that DML permissions on tables should be granted
>> to the user which owns procedures.
>>     
Turns out one of procedures wasn't marked as security definer.
I guess the policy is
All public procedures are marked as "SECURITY DEFINER".
All internal procedures are _not_.

-- 
Ilya A. Volynets-Evenbakh
http://www.total-knowledge.com

Follow-Ups:
- Re: Permissions on UU tables
  - From: Alexey Parshin <alexeyp@gmail.com>

References:
- Permissions on UU tables
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: Permissions on UU tables
  - From: Alexey Parshin <alexeyp@gmail.com>
- Re: Permissions on UU tables
  - From: "Ilya A. Volynets-Evenbakh" <ilya@total-knowledge.com>
- Re: Permissions on UU tables
  - From: Alexey Parshin <alexeyp@gmail.com>

Prev by Date: Re: Permissions on UU tables
Next by Date: Re: Permissions on UU tables
Previous by thread: Re: Permissions on UU tables
Next by thread: Re: Permissions on UU tables
Index(es):
- Date
- Thread

UniverseUniversity

uu

Re: Permissions on UU tables