5.10 Securely Define Stored Procedures and Functions DEFINER and INVOKER

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Stored procedure and stored function declarations include a definition of permissions which can be used to escalate permissions. It's important to inspect these settings to ensure they do not unnecessarily escalate privileges.


A stored procedure or function that improperly escalates privileges may provide unintended access rights which can be improperly used.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.


Drop and recreate stored procedures and functions using proper DEFINER and INVOKER settings, or other code changes.

See Also