Re: DML Restriction unless through a function

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: val(at)webtribe(dot)net
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: DML Restriction unless through a function
Date: 2004-06-30 13:52:32
Message-ID: 20040630135232.GA13891@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

On Wed, Jun 30, 2004 at 13:21:00 +0100,
val(at)webtribe(dot)net wrote:
>
> If I revoke insert,update,delete privileges on a table, would
> the user still be able to affect data manipulation through a
> function? Is that another way of getting around this?

If you use a security definer function where the function creator
has access to the table, but others don't then you can do that.
There are some issues if you start using such functions in views,
but for simple usage it will do what you want.

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Adam Witney 2004-06-30 14:02:33 Re: DML Restriction unless through a function
Previous Message joseph speigle 2004-06-30 13:48:27 Re: mysql2postgres has no documentation?