Packages without an AUTHID
clause default to AUTHID DEFINER
.
PL/SQL packages can be either AUTHID DEFINER
or AUTHID CURRENT_USER
. Functions and procedures in a package with definer's rights execute under the privileges of the user that defines the package. This can allow updates and access to specific pieces of data without granting access to entire tables or schemas. In a package with invoker's rights, or AUTHID CURRENT_USER
, functions and procedures execute under the privileges of the user who invokes them. This does not allow a user to gain access to data it didn't already have access to. If no AUTHID
clause is provided, the package defaults to definer's rights.
Packages are usually defined by SYS
or another highly privileged user, making any exploits of the code potentially more dangerous.
[1] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 265
[2] Steven Feuerstein Oracle PL/SQL Best Practices O'Reilly
[3] Standards Mapping - Payment Card Industry Data Security Standard Version 1.2 - (PCI 1.2) Requirement 6.5.7, Requirement 7.2
[4] Standards Mapping - Payment Card Industry Data Security Standard Version 2.0 - (PCI 2.0) Requirement 6.5.8