Skip site navigation (1) Skip section navigation (2)

Re: Re-enabling SET ROLE in security definer functions

From: "Turner, Ian" <Ian(dot)Turner(at)deshaw(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: Heikki Linnakangas <heikki(dot)linnakangas(at)enterprisedb(dot)com>, Gurjeet Singh<singh(dot)gurjeet(at)gmail(dot)com>, PGSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, George Williams <george(dot)williams(at)enterprisedb(dot)com>
Subject: Re: Re-enabling SET ROLE in security definer functions
Date: 2009-12-31 20:52:16
Message-ID: 5D5C2F4B28E2514BBAB8E82572912B641C7E86361B@NYCMBX3.winmail.deshaw.com (view raw or flat)
Thread:
Lists: pgsql-hackers
> -----Original Message-----
> From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us] 
> I agree that you have a problem to solve, but defining the problem as
> "please can we have SET ROLE back" is not going to lead you to a secure
> solution.

Fair enough. Thanks for the analysis.

--Ian

In response to

pgsql-hackers by date

Next:From: Jeff DavisDate: 2009-12-31 21:16:54
Subject: Re: Serializable Isolation without blocking
Previous:From: Tom LaneDate: 2009-12-31 20:50:59
Subject: Re: Re-enabling SET ROLE in security definer functions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group