| From: | Adam Witney <awitney(at)sghms(dot)ac(dot)uk> |
|---|---|
| To: | Bruno Wolff III <bruno(at)wolff(dot)to>, val(at)webtribe(dot)net |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: DML Restriction unless through a function |
| Date: | 2004-06-30 14:02:33 |
| Message-ID: | BD088689.35257%awitney@sghms.ac.uk |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 30/6/04 2:52 pm, "Bruno Wolff III" <bruno(at)wolff(dot)to> wrote:
> On Wed, Jun 30, 2004 at 13:21:00 +0100,
> val(at)webtribe(dot)net wrote:
>>
>> If I revoke insert,update,delete privileges on a table, would
>> the user still be able to affect data manipulation through a
>> function? Is that another way of getting around this?
>
> If you use a security definer function where the function creator
> has access to the table, but others don't then you can do that.
> There are some issues if you start using such functions in views,
> but for simple usage it will do what you want.
Out of interest, what are the issues?
Thanks
adam
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-06-30 14:32:56 | Re: minimum operators for b-tree, r-tree |
| Previous Message | Bruno Wolff III | 2004-06-30 13:52:32 | Re: DML Restriction unless through a function |