| From: | "Joshua D(dot) Drake" <jd(at)commandprompt(dot)com> |
|---|---|
| To: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | permission inconsistency with functions |
| Date: | 2010-07-23 18:48:50 |
| Message-ID: | 1279910930.9866.19.camel@jd-desktop.unknown.charter.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hello,
I am writing a blog on backups with postgresql, which I plan at some
point (if someone doesn't beat me to it) on turning into a patch for the
docs but I found this inconsistency:
The docs state that:
"In particular, it must have read access to all tables that you want to
back up, so in practice you almost always have to run it as a database
superuser."
Ignoring the fact that databases have a lot more objects than tables,
there is no READ/SELECT permission for functions. Thus in order to
backup a function, I must have EXECUTE permissions on the function.
Further if I don't have EXECUTE permissions I can still see the function
in pg_proc.
This seems like an inconsistency worth looking into, especially now that
we have per column perms.
Sincerely,
Joshua D. Drake
--
PostgreSQL.org Major Contributor
Command Prompt, Inc: http://www.commandprompt.com/ - 509.416.6579
Consulting, Training, Support, Custom Development, Engineering
http://twitter.com/cmdpromptinc | http://identi.ca/commandprompt
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2010-07-23 18:55:39 | Re: review: psql: edit function, show function commands patch |
| Previous Message | Robert Haas | 2010-07-23 18:47:19 | Re: patch: Add JSON datatype to PostgreSQL (GSoC, WIP) |