| From: | Scott Marlowe <smarlowe(at)g2switchworks(dot)com> |
|---|---|
| To: | Rafal Pietrak <rafal(at)zorro(dot)isa-geek(dot)com> |
| Cc: | pgsql general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: about the RULE system |
| Date: | 2006-12-13 21:43:40 |
| Message-ID: | 1166046220.3243.171.camel@state.g2switchworks.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, 2006-12-13 at 15:36, Rafal Pietrak wrote:
> On Wed, 2006-12-13 at 14:01 -0500, Tom Lane wrote:
> > Rafal Pietrak <rafal(at)zorro(dot)isa-geek(dot)com> writes:
> > > I thought trigger functions execute at root/postgres security level?
> >
> > No. You probably want to make that function SECURITY DEFINER so it
> > executes as the owner, but this isn't default for triggers.
>
> Hmmm. Have checked it, and it does not look promissing.
>
> Obviously, when I define function with "SECURITY DEFINER" I need to
> limit access to that function. But....
>
> "REVOKE ALL ON FUNCTION piti() FROM PUBLIC"
>
> Doe not seam to have any effect on functions installed as a trigger.
Does your "common user" have the permission to create users?
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Angva | 2006-12-13 21:49:08 | out of memory woes |
| Previous Message | Rafal Pietrak | 2006-12-13 21:36:55 | Re: about the RULE system |