Stored Procedures as Security Mechanisms

You can use stored procedures as security mechanisms to control access to information in tables, and to control the ability to perform data modification.

For example, you can deny other users permission to use the select command on a table that you own, and create a stored procedure that allows them to see only certain rows or certain columns. You can also use stored procedures to limit update, delete, or insert statements.

The person who owns the stored procedure must own the table or view used in the procedure. Not even a system administrator can create a stored procedure to perform operations on another user’s tables, if the system administrator has not been granted permissions on those tables.

See, Managing User Permissions, in the Security Administration Guide.