Skip site navigation (1) Skip section navigation (2)

Re: Authorized privileges when calling a procedure

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com>
Cc: "'pgsql-novice(at)postgresql(dot)org'" <pgsql-novice(at)postgresql(dot)org>
Subject: Re: Authorized privileges when calling a procedure
Date: 2005-04-22 15:03:33
Message-ID: 837.1114182213@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-novice
"Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com> writes:
> I have another question. It appears that when you create a procedure and
> grant access on it to another user, the user must have privileges to all
> objects that the procedure references. Can someone confirm this, and is
> there a way to change the privilege authorization to the user that defined
> the procedure?

Mark the function as SECURITY DEFINER --- this is like setuid programs
in Unix.

(No, it's not a very intuitive label for the behavior, but it's what
the SQL spec says to use.)

			regards, tom lane

In response to

pgsql-novice by date

Next:From: Bruno Wolff IIIDate: 2005-04-22 15:14:18
Subject: Re: Granting permission on a sequence to a group
Previous:From: tövisDate: 2005-04-22 14:59:54
Subject: Re: Granting permission on a sequence to a group

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group