Skip site navigation (1) Skip section navigation (2)

Re: BUG #6076: Unexpected "Security Definer / invoker" interaction

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Dave Fennell" <dave(at)microtux(dot)co(dot)uk>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #6076: Unexpected "Security Definer / invoker" interaction
Date: 2011-06-24 15:25:42
Message-ID: 26125.1308929142@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-bugs
"Dave Fennell" <dave(at)microtux(dot)co(dot)uk> writes:
> I would expect that if a function defined as "security definer" calls a
> function defined as "security invoker" the "invoker" role used would be the
> "definer" of the first function?

So would I.

> However it appears that the *actual*
> invoker (current user) is used.

You did not provide any evidence of that.  Please show a *complete*
self-contained test case.

			regards, tom lane

In response to

pgsql-bugs by date

Next:From: Dmitry GrebeniukDate: 2011-06-24 16:43:56
Subject: BUG #6077: documentation on PQfmod for numeric data types
Previous:From: Dave FennellDate: 2011-06-24 14:48:40
Subject: BUG #6076: Unexpected "Security Definer / invoker" interaction

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group