Re: Priviliges and Roles

From: Bruno Wolff III <bruno(at)wolff(dot)to>
To: Dayo Johnson <dayoj(at)cleanjohn(dot)net>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: Priviliges and Roles
Date: 2006-02-27 18:39:29
Message-ID: 20060227183929.GA24041@wolff.to
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

On Mon, Feb 27, 2006 at 12:09:48 +0000,
Dayo Johnson <dayoj(at)cleanjohn(dot)net> wrote:
> Hello,
>
> Is it possible to do the following:
> Disallow permission to write to a table (either by UPDATE or INSERT) but
> allow EXECUTE permission on a Function that writes to the table ?
>
> The reason I want to do this is so that I can perform certain checks on
> the data that is being written before I allow it to be written.

You can use SECURITY DEFINER functions to do this. Those functions run
with the access rights of the function creator, rather than the executor.

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message August Zajonc 2006-02-27 23:22:54 Security / Annoucements List
Previous Message E.Karystinakis 2006-02-27 16:07:12 Database information