Hello everyone,
I am not sure whether it is possible to setup a security policy like this with store procedure. The user account foo could only access database through store procedure, not possible to do other operations, like select/update on the tables of the database directly without using the store procedure.
My store procedure is doing some select/update job. My confusion is, as the user needs to use the store procedure and the store procedure is doing select/update job, then I have to grant the user to have select/update privilege of the database tables? Then the user could skip using the store procedure and select/update database tables directly which causes a security hole. My purpose is to let user use store procedure all the time, no walk around to access database without using store procedure.
Any advice to solve my probleme?
thanks in advance,George