Re: Security leak with trigger functions?

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: pgsql-hackers(at)postgresql(dot)org
Cc: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, "Albe Laurenz" <all(at)adv(dot)magwien(dot)gv(dot)at>
Subject: Re: Security leak with trigger functions?
Date: 2006-12-14 17:47:34
Message-ID: 200612141847.35439.peter_e@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Tom Lane wrote:
> The question in my mind is what privilege to check and when.

By extrapolation of the SQL standard, I'd say we'd need to check the
EXECUTE privilege of the function at run time.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2006-12-14 17:53:55 Re: Security leak with trigger functions?
Previous Message ohp 2006-12-14 17:38:34 Re: unixware and --with-ldap