Skip site navigation (1) Skip section navigation (2)

Re: grant problem

From: Michael Fuhr <mike(at)fuhr(dot)org>
To: Rajarshi Mukherjee <mukherjee(dot)rajarshi(at)gmail(dot)com>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: grant problem
Date: 2005-03-23 06:58:36
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-novice
On Wed, Mar 23, 2005 at 12:09:33PM +0530, Rajarshi Mukherjee wrote:

> i am ony giving usage grant on a function in my schema  to another user.

I think you mean you're granting usage on the schema -- "USAGE"
isn't a valid privilege type for functions.

> Then how come he's been able to execute the function in the following way?
> select ins.validate('nyname','mypassword');

The default privilege for functions grants EXECUTE to PUBLIC, so if
you've granted USAGE on the schema then users can execute functions
in that schema.

> But if i don't give usage grant and straight way give execute grant on
> the function, the user gets an error:- permission denied for schema
> ins.

Users who don't have USAGE on the function's schema won't be able
to execute the function, regardless of the function's privileges.
Think of the schema as a container: if you don't have privilege on
the container, then you can't access anything inside the container.

> i want to give the user execute grant on a particular funtion in my
> schema and not all functions.

Grant USAGE on the schema, and revoke EXECUTE on the functions you
don't want people to execute.

Michael Fuhr

In response to

pgsql-novice by date

Next:From: CimaDate: 2005-03-23 07:05:12
Subject: Deleting data bases and tables?
Previous:From: CimaDate: 2005-03-23 06:40:22

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group