Comments on: Import mysql dump files with view definer and sql security

By: Jan Novotný

Jan Novotný — Fri, 16 May 2014 18:05:00 +0000

On Linux machines you can use this one-liner to redefine definer for existing views:

mysql -uuser -ppwd -A –skip-column-names -e”SELECT CONCAT(‘SHOW CREATE VIEW ‘,table_schema,’.’,table_name,’;’) FROM information_schema.tables WHERE engine IS NULL and table_schema like ‘mydb%'” | mysql -uuser -ppwd -A –skip-column-names | sed -rn ‘s/.*?VIEW ([^s]+?) (AS .*?)s([^s]+?)s([^s]+?)/DROP VIEW 1;nCREATE VIEW 1 2;/p’ | mysql -uuser -ppwd -A –skip-column-names

You have only to replace strings in bold with your DB user credentials and database name / like pattern.

More info here: http://blog.novoj.net/2014/05/16/recreate-mysql-views-without-definer-one-liner-solution-linux/

By: drm

drm — Thu, 15 Sep 2011 12:57:44 +0000

veggen is right. Views with SQL SECURITY DEFINER is a mechanism to provide data to users that otherwise wouldn’t have the privileges to execute the SELECT query that defines the VIEW.

In other words, the VIEW’s SELECT query (or anything within a FUNCTION or PROCEDURE) is executed with (typically) elevated privileges.

By: veggen

veggen — Fri, 22 Oct 2010 15:21:57 +0000

I don’t think you got this right. Using INVOKER security context means that the view/procedure/function will execute with the privileges of the invoker. On the other hand, using DEFINER security context, means the view will execute with definer’s privileges so, in this case, invoker’s privileges are irrelevant.