| From: | "Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com> |
|---|---|
| To: | 'Tom Lane' <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "'pgsql-novice(at)postgresql(dot)org'" <pgsql-novice(at)postgresql(dot)org> |
| Subject: | Re: Authorized privileges when calling a procedure |
| Date: | 2005-04-22 16:11:00 |
| Message-ID: | 41669DC6FE3B80449A33A4DD46DB370A09E7EAFA@entcoexch15.broadband.att.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Great, that's exactly what I need.
Thanks!
-----Original Message-----
From: Tom Lane [mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us]
Sent: Friday, April 22, 2005 9:04 AM
To: Walker, Jed S
Cc: 'pgsql-novice(at)postgresql(dot)org'
Subject: Re: [NOVICE] Authorized privileges when calling a procedure
"Walker, Jed S" <Jed_Walker(at)cable(dot)comcast(dot)com> writes:
> I have another question. It appears that when you create a procedure
> and grant access on it to another user, the user must have privileges
> to all objects that the procedure references. Can someone confirm
> this, and is there a way to change the privilege authorization to the
> user that defined the procedure?
Mark the function as SECURITY DEFINER --- this is like setuid programs in
Unix.
(No, it's not a very intuitive label for the behavior, but it's what the SQL
spec says to use.)
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Michael Fuhr | 2005-04-22 16:19:28 | Re: CHECK Constraints |
| Previous Message | Van Ingen, Lane | 2005-04-22 16:02:41 | CHECK Constraints |