What is everyone's opinion for exclusively using Stored Procedures
for increased security? The scenario I am thinking of means having
one user which is widely accessible (large numbers of staff/user for
example) and only has access to some stored procedures, which where
create with SECURITY DEFINER so that they are run with the definers
permissions (which are assumed liberal enough to do whatever is
needed of the stored procedures.) I am especially wondering about how
easy it would be to write the functions in a way which made it very
hard/impossible to do something that wasn't intended of them. Has
anyone implemented anything like this before? What was developing new
bits of code which required access to it like?
---------------------------(end of broadcast)---------------------------
TIP 6: explain analyze is your friend