Skip site navigation (1) Skip section navigation (2)

Re: function privileges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Murat Tasan <murat(dot)tasan(at)cwru(dot)edu>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: function privileges
Date: 2006-02-03 16:34:29
Message-ID: 26964.1138984469@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-novice
Murat Tasan <murat(dot)tasan(at)cwru(dot)edu> writes:
> Now, as the owner of the database, execute
> CREATE FUNCTION F(T.id%TYPE) RETURNS T.name%TYPE AS $$ SELECT name  
> FROM T WHERE id = $1; $$ LANGUAGE SQL;

> Now login as user A and try:
> SELECT * FROM F(69);
> (and let 69 be some id in T).

> The execution fails, stating that user A doesn't have SELECT  
> privileges on T.

Right, because the function is running with A's privileges.
If you want the function to run with its owner's privileges,
label it SECURITY DEFINER.

			regards, tom lane

In response to

pgsql-novice by date

Next:From: Tjibbe RijpmaDate: 2006-02-04 00:00:53
Subject: maximum for database users?
Previous:From: Murat TasanDate: 2006-02-03 16:27:47
Subject: Re: function privileges

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group