Skip site navigation (1) Skip section navigation (2)

Re: Authorized privileges when calling a procedure

From: "Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com>
To: 'Tom Lane' <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "'pgsql-novice(at)postgresql(dot)org'" <pgsql-novice(at)postgresql(dot)org>
Subject: Re: Authorized privileges when calling a procedure
Date: 2005-04-22 16:11:00
Message-ID: 41669DC6FE3B80449A33A4DD46DB370A09E7EAFA@entcoexch15.broadband.att.com (view raw or flat)
Thread:
Lists: pgsql-novice
Great, that's exactly what I need.

Thanks! 

-----Original Message-----
From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us] 
Sent: Friday, April 22, 2005 9:04 AM
To: Walker, Jed S
Cc: 'pgsql-novice(at)postgresql(dot)org'
Subject: Re: [NOVICE] Authorized privileges when calling a procedure 

"Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com> writes:
> I have another question. It appears that when you create a procedure 
> and grant access on it to another user, the user must have privileges 
> to all objects that the procedure references. Can someone confirm 
> this, and is there a way to change the privilege authorization to the 
> user that defined the procedure?

Mark the function as SECURITY DEFINER --- this is like setuid programs in
Unix.

(No, it's not a very intuitive label for the behavior, but it's what the SQL
spec says to use.)

			regards, tom lane

pgsql-novice by date

Next:From: Michael FuhrDate: 2005-04-22 16:19:28
Subject: Re: CHECK Constraints
Previous:From: Van Ingen, LaneDate: 2005-04-22 16:02:41
Subject: CHECK Constraints

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group