| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: Problem with function permission test in a view |
| Date: | 2003-09-11 17:11:10 |
| Message-ID: | 200309111711.h8BHBAb20398@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Tom Lane wrote:
> Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> writes:
> > Someone asked me a question about view and function permissions. I
> > assumed all object access done by a view would be based on the
> > permissions on the view, and not the permissions of the objects.
>
> Table references are checked according to the owner of the view, but use
> in a view does not change the execution context for function or operator
> calls. This is how it's always been done.
>
> > Is this a bug?
>
> Changing it would be a major definitional change (and a pretty major
> implementation change too). It might be better, but please don't
> pre-judge the issue by labeling it a bug.
Well, it sure sounds like a bug. What logic is there that table access
use the view permissions, but not function access? Could we just use
SECURITY DEFINER for function calls in views?
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adam Kavan | 2003-09-11 17:14:58 | Re: Another small bug (pg_autovacuum) |
| Previous Message | Bruce Momjian | 2003-09-11 17:07:54 | Re: massive quotes? |