Re: User permission

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: "C G" <csgcsg39(at)hotmail(dot)com>
Cc: pgsql-general(at)postgresql(dot)org, Peter Eisentraut <peter_e(at)gmx(dot)net>
Subject: Re: User permission
Date: 2004-04-16 00:08:42
Message-ID: 22542.1082074122@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general

"C G" <csgcsg39(at)hotmail(dot)com> writes:
> I have a user_info table that has trigger which creates a user and
> switches session authorization to the new user, but it doesn't seem to
> work as I expect.

> mydb1=> select * from user_info ;
> usename | password
> ---------+----------
> user1 | ***
> (1 row)
> Shouldn't be able to do that!

I think what is happening is that when control exits from the SECURITY
DEFINER function, the value of current_user is reset to what it was when
the function was entered. So even though session_user says user1,
you are still effectively admin here.

I'm not sure there is any clean solution that would make this do what
you expect, partly because it's not real clear what you expect (consider
nested SECURITY DEFINER functions, error recovery, etc). I'd be
inclined to put a band-aid on it by forbidding SET SESSION AUTHORIZATION
inside functions.

Can anyone propose a defensible and implementable behavior that would
allow CG to do what he wants?

regards, tom lane

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Jim Seymour 2004-04-16 00:38:43 Re: Basix for Data General / Basix for Sco Unix
Previous Message Tom Lane 2004-04-15 23:58:57 Re: Optimal configuration to eliminate "out of file descriptors" error