| From: | John DeSoi <desoi(at)pgedit(dot)com> |
|---|---|
| To: | CAJ CAJ <pguser(at)gmail(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Triggers to allow user create table? |
| Date: | 2007-05-28 01:27:41 |
| Message-ID: | B4600D02-F493-4412-9F5D-090159DDFBF4@pgedit.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
See the SECURITY DEFINER option for CREATE FUNCTION. This way you
don't have to give them create table privileges, but they can still
create a table through your function. You'll need to use EXECUTE to
create a table in pl/pgsql.
On May 27, 2007, at 4:50 PM, CAJ CAJ wrote:
> Had a question on best approach with some security issues around on
> the fly table creation by a user.
>
> I want to users to create dynamic tables from the application. This
> means that the user logged in should have create table privileges
> at the database level. Assuming this is a security risk for
> allowing all users to have table creation privileges. is it
> possible to create some sort of trigger to allow the user to create
> table when ready and once it's done revoke it automatically?
>
> What is the best approach conceptual wise and security wise when
> dealing with these situations? The less the user can do on the
> database the better it is?
John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Rodrigo De León | 2007-05-28 01:57:44 | Re: How to create trigger if it does not exist |
| Previous Message | Joseph S | 2007-05-27 23:36:58 | Re: swap storm created by 8.2.3 |