Re: Fixing insecure security definer functions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Stephen Frost <sfrost(at)snowman(dot)net>
Cc: Peter Eisentraut <peter_e(at)gmx(dot)net>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: Fixing insecure security definer functions
Date: 2007-02-14 01:10:29
Message-ID: 1264.1171415429@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Stephen Frost <sfrost(at)snowman(dot)net> writes:
> It'll break most of the functions that we have in our production
> systems... They're not security definer functions but it's routine for
> us to switch between different schemas to run a function on.

> What about pushing all the in-function references down to the
> specific objects referenced at plan creation time (err, I thought this
> was done?)?

Wouldn't that break exactly the cases you're worried about? It would be
an enormous amount of work, too.

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Stephen Frost 2007-02-14 01:24:38 Re: Fixing insecure security definer functions
Previous Message Tom Lane 2007-02-14 01:07:01 Re: Writing triggers in C++