5.2. PL/SQL Execution Privileges
There are two modes of execution privileges — definer rights and invoker rights. By default, PL/SQL procedures and functions execute with the privileges of definer — in other words, the person who defined the package. Strictly speaking, however, this isn't exactly true. Definer rights should more accurately be called "owner" rights because it is possible for a user with the CREATE ANY PROCEDURE privilege to define a procedure in another user's schema. This would not execute with the definer's privileges but with the privileges of the user who owns the schema where the procedure is defined. For the most part, however, the definer usually is the same as the owner.
Figure 5-1. Calling out from PL/SQL to C functions or Java methods
For example, assume the user FOO creates a procedure called BAR and grants the EXECUTE permission on it to PUBLIC. Anyone executing the BAR procedure will effectively gain the same privileges as FOO for the duration of the procedure's execution. Note, however, that only privileges directly assigned to FOO will be present, and not those assigned through role membership. (Thus if FOO is a DBA, but only because FOO has been assigned membership of the DBA role, when the BAR procedure executes, it will not do so with DBA privileges.) This is an important distinction. The advantage of the definer rights model is that a user can ...
Get The Oracle® Hacker's Handbook: Hacking and Defending Oracle now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.