Re: security definer default for some PL languages (SQL/PSM)?

From: "Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com>
To: tgl(at)sss(dot)pgh(dot)pa(dot)us
Cc: pgsql-hackers(at)postgresql(dot)org
Subject: Re: security definer default for some PL languages (SQL/PSM)?
Date: 2007-01-07 18:25:19
Message-ID: BAY114-F367AD7633116DA053BE695F9BD0@phx.gbl
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

>
>"Pavel Stehule" <pavel(dot)stehule(at)hotmail(dot)com> writes:
> > SQL/PSM default for SQL procedures are SECURITY DEFINER (like views),
>but
> > PostgreSQL default is SECURITY CALLLER. Is acceptable to define security
> > flag in dependency to used language?
>
>I'd vote no, even if Peter is wrong and you're right about what the spec
>says. A PL gets to set the rules within its function body, not outside.

I prefare security invoker too. It's secure. This question is again here
over some years. Spec knows both, but doesn't speak clearly which is
default. From my view SECURITY DEFINER is more natural and consistent in SQL
framework (like views) and maybe a little bit simpler for some beginers. My
view isn't too important. I checked this topic again and I thing so default
depends on implementation now.

>Next you'll be telling us that the standard requires that the CREATE
>FUNCTION not use a dollar-quoted function body ... to which the answer
>will be "too bad". I think the principle of least surprise dictates
>that security properties shouldn't be inconsistent across PLs.

I am finding solution and concensus. Propably CREATE FUNCTION without
dollar-quoted function body is more elegant, but it means big enhancing of
main parser. It hasn't sence with external parser like plpgsql or plpgpsm,
and I don't wont to do it now. Our syntax simply allow more languages and I
really haven't problem with it.

last note:

SQL/PSM doesn't specify syntax for CREATE FUNCTION or CREATE PROCEDURE
statement. So it is possible be compatible with SQL/PSM with dollar-quoted
function body. With any IDEs this topic isnt too important.

Regards
Pavel Stehule

_________________________________________________________________
Citite se osamele? Poznejte nekoho vyjmecneho diky Match.com.
http://www.msn.cz/

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2007-01-07 18:28:58 Re: Erronous sort used in query plan
Previous Message Simon Riggs 2007-01-07 18:15:26 Re: [HACKERS] COPY with no WAL, in certain circumstances