| From: | Guillaume Lelarge <guillaume(at)lelarge(dot)info> |
|---|---|
| To: | "Knut P(dot) Lehre" <knutpl(at)broadpark(dot)no> |
| Cc: | pgadmin-hackers(at)postgresql(dot)org |
| Subject: | Re: Function script generator lacks revoke from public for ACL {postgres=X/postgres} -functions |
| Date: | 2011-04-08 20:18:43 |
| Message-ID: | 4D9F6DA3.2000505@lelarge.info |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
Le 08/04/2011 20:07, Knut P. Lehre a écrit :
> It is dangerous when working with security definer functions that the pgAdmin3
> script creator does not include a "revoke from public" for functions with e.g.
> ACL postgres=X/postgres (at least in version 1.10.1). If you use this script to
> copy a function definition, then you will get public execute granted to that
> function.
Sure. That's the usual behaviour of PostgreSQL. So I don't get why
pgAdmin should do otherwise. We can of course allow the user to
automatically revoke public permissions on this kind of functions, if a
user clicks a checkbox for example (just like we do to automatically add
an index for foreign keys).
> pg_dump adds a revoke from public in this case. Is this missing revoke in
> pgAdmin3 intentional or was it forgotten?
Neither intentional nor forgotten. I don't think anyone ever thought
about it.
BTW, I don't know where you saw/heard/read that pg_dump adds a revoke
from public in this particular case, but it doesn't, AFAICT.
--
Guillaume
http://www.postgresql.fr
http://dalibo.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Guillaume Lelarge | 2011-04-08 20:22:37 | Re: Rework on the dialogs UI |
| Previous Message | Dave Page | 2011-04-08 18:28:01 | Re: Rework on the dialogs UI |