Validating sql privileges
If you grant system privileges to roles, then you can use the roles to manage system privileges.
For example, roles permit privileges to be made selectively available. Some schema objects, such as clusters, indexes, triggers, and database links, do not have associated object privileges. For example, to alter a cluster, a user must own the cluster or have the system privilege.
By commenting, you are accepting the DISQUS terms of service.
You grant privileges to users so these users can accomplish tasks required for their job.
At runtime, the privileges of the owner of a definer-rights stored procedure are always checked before the procedure is executed.
If a necessary privilege on a referenced object has been revoked from the owner of a definer-rights procedure, then the procedure cannot be executed by the owner or any other user.
You can use definer-rights procedures to control access to private database objects and add a level of database security.
By writing a definer-rights procedure and granting only privilege to a user, the user can be forced to access the referenced objects only through the procedure.