The stored function year_to_date is created by the 'root'@'localhost' account as follows:

CREATE FUNCTION year_to_date ()
RETURNS DECIMAL(10,2)
SQL SECURITY DEFINER
BEGIN
...
END;
Within the routine body, a number of calculations are made on data in the financials table and the calculated value is
returned. The only account which can access the financials table is 'root'@'localhost'.
If a client connects with the account 'joe'@'localhost' and calls the year_to_date function, what will happen?
A. The function will not execute, as 'joe'@'localhost' does not have access to the financials table
B. The function will not execute as SQL SECURITY DEFINER has been specified. It would execute if instead SQL
SECURITY INVOKER had been specified
C. The function will always execute as if it was 'root'@'localhost' that invoked it since SQL SECURITY DEFINER has
been specified.
D. If the account 'joe'@'localhost' has the EXECUTE privilege on year_to_date, the function will complete successfully

Answer: D

0 comments: