Skip site navigation (1) Skip section navigation (2)

Re: DML Restriction unless through a function

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: val(at)webtribe(dot)net
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: DML Restriction unless through a function
Date: 2004-06-30 13:52:32
Message-ID: 20040630135232.GA13891@wolff.to (view raw or flat)
Thread:
Lists: pgsql-general
On Wed, Jun 30, 2004 at 13:21:00 +0100,
  val(at)webtribe(dot)net wrote:
> 
> If I revoke insert,update,delete privileges on a table, would 
> the user still be able to affect data manipulation through a 
> function?  Is that another way of getting around this?

If you use a security definer function where the function creator
has access to the table, but others don't then you can do that.
There are some issues if you start using such functions in views,
but for simple usage it will do what you want.

In response to

Responses

pgsql-general by date

Next:From: Adam WitneyDate: 2004-06-30 14:02:33
Subject: Re: DML Restriction unless through a function
Previous:From: joseph speigleDate: 2004-06-30 13:48:27
Subject: Re: mysql2postgres has no documentation?

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group