Re: Execute permissions for stored functions

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Paul Hart <paulhart(at)redchocolate(dot)ca>
Cc: pgsql-sql(at)postgresql(dot)org
Subject: Re: Execute permissions for stored functions
Date: 2004-01-19 05:40:33
Message-ID: 20956.1074490833@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-sql

Paul Hart <paulhart(at)redchocolate(dot)ca> writes:
> In RDBMSs such as Oracle, stored PL/SQL functions run with the
> permissions of the user that creates the function. Users who are given
> EXECUTE privileges then call the function with the permissions of the
> creator of the function.

Use "SECURITY DEFINER" to get this behavior in Postgres.

The SQL99 spec punts as to whether SECURITY DEFINER should be the
default or not, so unfortunately neither we nor Oracle can be said
to be wrong on this point...

regards, tom lane

In response to

Browse pgsql-sql by date

  From Date Subject
Next Message Tom Lane 2004-01-19 05:44:30 Re: How can I get the last element out of GROUP BY sets?
Previous Message Denis 2004-01-19 04:58:01 Re: Left joins with multiple tables