-1

UPDATE Application SET Accepted='YES' WHERE stID IN (SELECT stID FROM Student WHERE Grades>3.9);

So the question is what priviliges to grant a user that needs to successfully run this code.

My guess is:

UPDATE permission on Application, SELECT on Application and SELECT on Student, so UPDATE on Student is not required.

The question asks if SELECT on Application is required(?) (Because of the WHERE part) and is UPDATE on Student required (I'm pretty sure this one is a no).

Another question too:

query: DELETE FROM Student WHERE stID NOT IN (SELECT stID FROM Application)

question: Which of these priviliges isn't required? a) Delete on Student

b) Select on Student

c) Delete on Application

d) Select on Application

Mainly these answers is something that i need to be sure on, just asking your opinions.

user3809685
  • 1
  • 1

1 Answers1

1

UPDATE permission on Application, SELECT on Application and SELECT on Student, so UPDATE on Student is not required.

That's right.

The question asks if SELECT on Application is required(?) (Because of the WHERE part)

SELECT privileges are required on Application because of the WHERE clause. An update statement like this

update application set accepted = 'yes';

doesn't require SELECT privileges.

and is UPDATE on Student required (I'm pretty sure this one is a no).

Nobody's trying to update Student. UPDATE privileges on Student aren't required.

All this is easy to test. Install a free, open source database like PostgreSQL. Open two sessions. Connect as a superuser on one, and connect as a test user on the other. Use the superuser session to grant and revoke privileges, and the test session to execute queries.

Mike Sherrill 'Cat Recall'
  • 91,602
  • 17
  • 122
  • 185