| From: | Sergey Holod <sergey(at)radiocom(dot)net(dot)ua> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Subject: | Making "SECURITY DEFINER" procedures.. |
| Date: | 2003-04-29 20:53:18 |
| Message-ID: | 200304292353.18228.sergey@radiocom.net.ua |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Hello!!!
Just trying to make subj
I made user "data", schema "data", several tables and small procedures on them
in that schema and then a greater function (as "SECURITY DEFINER") in
"public" schema which uses previous functions.
I graned "EXECUTE" access to that function to "PUBLIC".
When I try execute that function I get "ERROR: data: permission denied", but
when I add some notices between parts of function I see following:
tst=> select new_session('sergey','mypassword');
NOTICE: current user is data
NOTICE: after delete
NOTICE: after select
NOTICE: after insert
NOTICE: before return
ERROR: data: permission denied
so function executed with "data" privilegies, It deletes some data,
inserts another and so on, It even runs till "return", but then I get error...
It seems last error takes place during "auto commit" of transaction in which
function executes..
Just don't undestand what is happens..:(
--
With Best Regards,
Sergey Holod
SAH1-RIPE
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sergey Holod | 2003-04-29 20:58:35 | Making "SECURITY DEFINER" procedures.. |
| Previous Message | Stephan Szabo | 2003-04-29 17:55:00 | Re: How I write pretty query |