Bug #17522 MTK not generating SQL SECURITY clauses
Submitted: 17 Feb 2006 11:17 Modified: 14 Jan 2014 16:00
Reporter: Kristian Koehntopp Email Updates:
Status: Not a Bug Impact on me:
None 
Category:MySQL Workbench Severity:S4 (Feature request)
Version:1.0.23, 1.1.16 OS:Windows (Windows)
Assigned to: CPU Architecture:Any

[17 Feb 2006 11:17] Kristian Koehntopp 
Description:
When porting VIEWS, MTK does not generate SQL SECURITY INVOKER clauses. The default for missing SQL SECURITY clauses is SQL SECURITY DEFINER, so all VIEW will ultimately run by default as the user who did the migration, often "root".

This is even more important when MTK migrates FUNCTIONS, PROCEDURES and TRIGGERS sometimes.

How to repeat:
Run a migration with VIEWS, SHOW CREATE VIEW ... the resulting view.

Suggested fix:
Generate SQL SECURITY INVOKER clauses by default.
Actually look at the source definitions, and if the source view has SQL SECURITY like information try to port it. Also port DEFINER information, if possible (requires migration of grant tables as well!).
[11 Feb 2009 15:00] Susanne Ebrecht 
Many thanks for pointing this out.

Because this is a security risk this is a bug and not just a feature.

Verified as described by using actual version.
[14 Jan 2014 16:00] Alfredo Kojima 
Neither the old migration toolkit nor workbench migration support migrating views. It's up to the user to properly translate their views and routines.