| From: | Martijn van Oosterhout <kleptog(at)svana(dot)org> |
|---|---|
| To: | Bohdan Linda <bohdan(dot)linda(at)seznam(dot)cz> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Access management for DB project. |
| Date: | 2005-09-08 10:04:50 |
| Message-ID: | 20050908100444.GB4045@svana.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Sep 08, 2005 at 12:08:25PM +0200, Bohdan Linda wrote:
> The first 2 types are easily solvable, but with the third type I have
> problem. I have created task in plpgsql, I granted permissions to an user
> to execute the task, but revoked on him all rights to tables. Logically
> task failed.
You're looking for the SECURITY DEFINER attribute. It causes the
procedure to run with the permissions of the user who created it,
rather than the user who runs it.
Hope this helps,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> Patent. n. Genius is 5% inspiration and 95% perspiration. A patent is a
> tool for doing 5% of the work and then sitting around waiting for someone
> else to do the other 95% so you can sue them.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bohdan Linda | 2005-09-08 10:08:25 | Access management for DB project. |
| Previous Message | Wolfgang Keller | 2005-09-08 09:58:43 | EMS PostgreSQL Manager vs. TheKompany DataArchitect |