Making "SECURITY DEFINER" procedures..

From: Sergey Holod <sergey(at)radiocom(dot)net(dot)ua>
To: pgsql-sql(at)postgresql(dot)org
Subject: Making "SECURITY DEFINER" procedures..
Date: 2003-04-29 20:53:18
Message-ID: 200304292353.18228.sergey@radiocom.net.ua
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-sql

Hello!!!

Just trying to make subj

I made user "data", schema "data", several tables and small procedures on them
in that schema and then a greater function (as "SECURITY DEFINER") in
"public" schema which uses previous functions.
I graned "EXECUTE" access to that function to "PUBLIC".

When I try execute that function I get "ERROR: data: permission denied", but
when I add some notices between parts of function I see following:

tst=> select new_session('sergey','mypassword');
NOTICE: current user is data
NOTICE: after delete
NOTICE: after select
NOTICE: after insert
NOTICE: before return
ERROR: data: permission denied

so function executed with "data" privilegies, It deletes some data,
inserts another and so on, It even runs till "return", but then I get error...

It seems last error takes place during "auto commit" of transaction in which
function executes..

Just don't undestand what is happens..:(

--
With Best Regards,
Sergey Holod
SAH1-RIPE

Browse pgsql-sql by date

  From Date Subject
Next Message Sergey Holod 2003-04-29 20:58:35 Making "SECURITY DEFINER" procedures..
Previous Message Stephan Szabo 2003-04-29 17:55:00 Re: How I write pretty query