Murat Tasan <murat(dot)tasan(at)cwru(dot)edu> writes:
> Now, as the owner of the database, execute
> CREATE FUNCTION F(T.id%TYPE) RETURNS T.name%TYPE AS $$ SELECT name
> FROM T WHERE id = $1; $$ LANGUAGE SQL;
> Now login as user A and try:
> SELECT * FROM F(69);
> (and let 69 be some id in T).
> The execution fails, stating that user A doesn't have SELECT
> privileges on T.
Right, because the function is running with A's privileges.
If you want the function to run with its owner's privileges,
label it SECURITY DEFINER.
regards, tom lane
In response to
pgsql-novice by date
|Next:||From: Tjibbe Rijpma||Date: 2006-02-04 00:00:53|
|Subject: maximum for database users?|
|Previous:||From: Murat Tasan||Date: 2006-02-03 16:27:47|
|Subject: Re: function privileges|