Users can create procedural objects (procedures, views, etc.) that name objects which they normally do not have access to, although they are not allowed to execute the procedure or use the view.Previously, attempts to create the procedural object would fail when the create command was run. Now, the create command succeeds, but attempts to use the object fail.
For example, the following command to create a procedure succeeds, even though the user issuing the command does not have permission on mary.sales_prospects:
create proc steal_leads as select * from mary.sales_prospects
However, this user cannot execute the procedure; the attempt to execute returns a permissions error.