Re: function privileges

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Murat Tasan <murat(dot)tasan(at)cwru(dot)edu>
Cc: pgsql-novice(at)postgresql(dot)org
Subject: Re: function privileges
Date: 2006-02-03 16:34:29
Message-ID: 26964.1138984469@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

Murat Tasan <murat(dot)tasan(at)cwru(dot)edu> writes:
> Now, as the owner of the database, execute
> CREATE FUNCTION F(T.id%TYPE) RETURNS T.name%TYPE AS $$ SELECT name
> FROM T WHERE id = $1; $$ LANGUAGE SQL;

> Now login as user A and try:
> SELECT * FROM F(69);
> (and let 69 be some id in T).

> The execution fails, stating that user A doesn't have SELECT
> privileges on T.

Right, because the function is running with A's privileges.
If you want the function to run with its owner's privileges,
label it SECURITY DEFINER.

regards, tom lane

In response to

Browse pgsql-novice by date

  From Date Subject
Next Message Tjibbe Rijpma 2006-02-04 00:00:53 maximum for database users?
Previous Message Murat Tasan 2006-02-03 16:27:47 Re: function privileges