从定义者帐户执行 mysql 存储过程,没有执行权限
Execute a mysql stored procedure from the definer account, without execute privileges
我在我的 mariaDB 数据库中创建了一个存储过程。定义者是一个没有执行权限的受限用户(在数据库、table 和过程级别)。
但是我可以从这个帐户成功执行这个程序。
这是正常行为吗,定义者即使没有 EXECUTE 权限也可以执行该过程?
这是正常现象。来自 manual:
The EXECUTE privilege is required to execute stored routines. However, this privilege is granted automatically to the creator of a routine if necessary (and dropped from the creator when the routine is dropped). Also, the default SQL SECURITY characteristic for a routine is DEFINER, which enables users who have access to the database with which the routine is associated to execute the routine.
我在我的 mariaDB 数据库中创建了一个存储过程。定义者是一个没有执行权限的受限用户(在数据库、table 和过程级别)。
但是我可以从这个帐户成功执行这个程序。
这是正常行为吗,定义者即使没有 EXECUTE 权限也可以执行该过程?
这是正常现象。来自 manual:
The EXECUTE privilege is required to execute stored routines. However, this privilege is granted automatically to the creator of a routine if necessary (and dropped from the creator when the routine is dropped). Also, the default SQL SECURITY characteristic for a routine is DEFINER, which enables users who have access to the database with which the routine is associated to execute the routine.