| From: | Bruno Wolff III <bruno(at)wolff(dot)to> |
|---|---|
| To: | Oliver Elphick <olly(at)lfix(dot)co(dot)uk> |
| Cc: | pgsql-advocacy(at)postgresql(dot)org |
| Subject: | Re: Linux User (& Developer) Expo 2004 - A brief |
| Date: | 2004-04-23 13:46:38 |
| Message-ID: | 20040423134638.GA6182@wolff.to |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-advocacy |
On Fri, Apr 23, 2004 at 08:49:46 +0100,
Oliver Elphick <olly(at)lfix(dot)co(dot)uk> wrote:
>
> 4. I had one problem question which I couldn't solve, though I'm fairly
> sure it should be possible: Can we create a function that can have
> privileges on an object that the person running the function does not
> have? The user wants to channel all updates through a validating
> function; therefore users should not have insert, update or delete
> privileges on the table, but they should be able to do inserts, updates
> and deletes through this function instead.
You can create functions with 'SECURITY DEFINER' to access objects as
the function creator instead of the function caller.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Fabien COELHO | 2004-04-23 14:13:52 | Re: [HACKERS] What can we learn from MySQL? |
| Previous Message | Peter Eisentraut | 2004-04-23 13:45:49 | Re: What can we learn from MySQL? |