| From: | Matt Warner <matt(at)warnertechnology(dot)com> |
|---|---|
| To: | Bosco Rama <postgres(at)boscorama(dot)com> |
| Cc: | pgsql-general(at)postgresql(dot)org |
| Subject: | Re: Unprivileged access to pgsql functions? |
| Date: | 2011-03-04 21:51:25 |
| Message-ID: | AANLkTi=Boi_4PcxhnDeWBwcBjO0yj+EqGPCc8YQ_4Lma@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Fri, Mar 4, 2011 at 1:48 PM, Bosco Rama <postgres(at)boscorama(dot)com> wrote:
> Matt Warner wrote:
> > No luck:
> >
> > *** as postgres
> > postgres=# GRANT all on function nvl(anyelement,anyelement) to public;
> > GRANT
> > postgres=#
> >
> > *** as unprivileged user
> > offload=> select nvl(0,1);
> > ERROR: function nvl(integer, integer) does not exist
> > LINE 1: select nvl(0,1);
> > ^
> > HINT: No function matches the given name and argument types. You might
> need
> > to add explicit type casts.
>
> This looks like you defined the function in template1 *after* you created
> the
> user's DB. Or never defined it there at all.
>
> Try defining the function in the user's DB itself or, if able, recreate the
> user's DB after defining it in template1.
>
> HTH.
>
> Bosco.
>
The function cannot be defined in the user's DB because "language C" is
considered a security risk, so only the superuser can do that. Or that's
what I get from reading anyway...
Recreating the user DB is problematic because there are already tables in
place.
Matt
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Matt Warner | 2011-03-04 21:55:34 | Re: Unprivileged access to pgsql functions? |
| Previous Message | Andrew Sullivan | 2011-03-04 21:51:06 | Re: Unprivileged access to pgsql functions? |