| From: | pgsql-bugs(at)postgresql(dot)org |
|---|---|
| To: | pgsql-bugs(at)postgresql(dot)org |
| Subject: | Bug #884: Schema access not inherited by functions declared SECURITY DEFINER |
| Date: | 2003-01-24 17:37:06 |
| Message-ID: | 20030124173706.9A79847722B@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
Jason B. Alonso (jalonso(at)mit(dot)edu) reports a bug with a severity of 3
The lower the number the more severe it is.
Short Description
Schema access not inherited by functions declared SECURITY DEFINER
Long Description
When calling a function declared SECURITY DEFINER, I get permission denied errors on schemas that the function would access. In my cases, no permissions are granted to the schemas are granted to the users calling the functions, but the owner/definer of the functions is the owner/definer/explicitly-permitted-user of the schemas in question.
The problem is a "minor annoyance" to me in that I can circumvent the problem in my application by granting schema usage to PUBLIC (and explicitly revoking access to the schema's tables, etc.), but it may not be quite so minor to others.
Version: PostgreSQL 7.3 running on Cygwin/Win2k
Sample Code
No file was uploaded with this report
| From | Date | Subject | |
|---|---|---|---|
| Next Message | pgsql-bugs | 2003-01-24 19:07:53 | Bug #885: Trouble with timestamps after vacuuming |
| Previous Message | Tom Lane | 2003-01-24 16:55:35 | Re: Bug #882: Cannot manually log in to database. |