Re: BUG #1874: Non-Execute Privileges enforced on grant

From: Peter Eisentraut <peter_e(at)gmx(dot)net>
To: "Mark Diener" <md(at)realmwireless(dot)com>
Cc: pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #1874: Non-Execute Privileges enforced on grant
Date: 2005-09-10 19:51:45
Message-ID: 200509102151.45658.peter_e@gmx.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-bugs

Mark Diener wrote:
> It seems the EXECUTE privilege is not the only privilege that is
> being checked during the execution of a PL/psql procedure
> language/function.

The EXECUTE privilege is checked before the function is executed.
During the execution of a function, you still need for each operation
the privileges that are ordinarily required for that operation. If you
want to have the function executed with the effective privileges of its
owner, you can specify the clause SECURITY DEFINER when creating the
function.

--
Peter Eisentraut
http://developer.postgresql.org/~petere/

In response to

Browse pgsql-bugs by date

  From Date Subject
Next Message David Fetter 2005-09-10 20:10:16 Re: BUG #1875: Function parameter names clash with table column names
Previous Message Byron 2005-09-10 16:46:44 BUG #1875: Function parameter names clash with table column names