| From: | Chris Campbell <chris(at)bignerdranch(dot)com> |
|---|---|
| To: | Phil Frost <indigo(at)bitglue(dot)com> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: lastval exposes information that currval does not |
| Date: | 2006-07-06 00:06:12 |
| Message-ID: | 9A35C9D1-EC1F-4995-B811-2F94D1AFB380@bignerdranch.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Jul 5, 2006, at 14:51, Phil Frost wrote:
> test=# create function bump() returns bigint language sql security
> definer as $$ select nextval('private.seq'); $$;
SECURITY DEFINER means that the function runs with the permissions of
the role used to create the function (ran the CREATE FUNCTION
command). Due to your # prompt, I'm guessing that you were a
superuser when you ran this command. Thus, bump() will be run with
the superuser's permissions.
The superuser most definitely has permissions to access private.seq.
This has nothing to do with schema security or lastval() versus
currval().
Check out the CREATE FUNCTION documentation:
http://www.postgresql.org/docs/8.1/interactive/sql-
createfunction.html
- Chris
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Phil Frost | 2006-07-06 00:25:02 | Re: lastval exposes information that currval does not |
| Previous Message | Neil Conway | 2006-07-05 21:02:15 | Re: binds only for s,u,i,d? |