| From: | Paul Hart <paulhart(at)redchocolate(dot)ca> |
|---|---|
| To: | pgsql-sql(at)postgresql(dot)org |
| Cc: | Paul Hart <paulhart(at)redchocolate(dot)ca> |
| Subject: | Execute permissions for stored functions |
| Date: | 2004-01-19 02:58:38 |
| Message-ID: | 61572386-4A2B-11D8-8678-000393CC268A@redchocolate.ca |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
Hi all,
From what I've seen in the archives, questions like this have kind of
been answered in the past, but I was wondering if there have been any
changes in this area, or if anyone has good ideas on how to do what I'm
about to ask :)
In RDBMSs such as Oracle, stored PL/SQL functions run with the
permissions of the user that creates the function. Users who are given
EXECUTE privileges then call the function with the permissions of the
creator of the function.
Is this how things work with PL/pgSQL in PostgreSQL? From my
understanding, the answer is 'no.' If the answer really is 'no,' then
how do I achieve the same thing?
The main benefit for this is in security - I have a dynamic web
application that requires (a lot of) access to a PostgreSQL database. I
want to make sure that the user doesn't have direct access to change
the content of tables, but rather to alter their contents, in
predetermined ways, through a set of functions. It's another layer that
protects against hacking, and because my project involves a lot of
monetary transactions (and database transactions), I want to reduce my
potential for malicious abuse.
Many thanks in advance for you help,
Paul
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-01-19 04:10:29 | Re: Problem with LEFT JOIN |
| Previous Message | Vishal Kashyap @ [Sai Hertz And Control Systems] | 2004-01-18 22:29:00 | Re: Trigger to identify which column(s) updated |