| From: | Amit Kapila <amit(dot)kapila16(at)gmail(dot)com> |
|---|---|
| To: | Jobin Augustine <jobin(dot)augustine(at)percona(dot)com> |
| Cc: | Jan Katins <jasc(at)gmx(dot)net>, Jobin Augustine <jobinau(at)gmail(dot)com>, PostgreSQL mailing lists <pgsql-bugs(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Security Definer functions no longer works in PG14+ |
| Date: | 2022-05-09 04:08:03 |
| Message-ID: | CAA4eK1KVtS4aGiP1b35j1ocnt1uuR7Hkfw3bep+EN_1zjv-8=g@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Sun, May 8, 2022 at 12:33 PM Jobin Augustine
<jobin(dot)augustine(at)percona(dot)com> wrote:
>
>
>> Good to know that workaround helps your use case. But I am curious to know why you want to use Alter Subscription .. Refresh via function? The same restriction holds for Create/Drop Subscription as well but you don't seem to be using those via function.
>>
> Yes, the workaround really helps to continue the operations as it was.
> let me explain.
>
> In a typical operations case, owner / someone with superuser privilege sets up everything as part of the deployment and then hands over the day-to-day operations of different teams who do 24x7 coverage.
> Those teams in regular operations support won't be given superuser privilege or owner account because of obvious reasons.
> A function with "SECURITY DEFINER" is generally used as a method to hand over only the required privilege just to refresh the subscription.
>
Okay, thanks for the clarification.
--
With Regards,
Amit Kapila.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Corey Huinker | 2022-05-09 06:19:30 | Re: Query generates infinite loop |
| Previous Message | Tom Lane | 2022-05-09 04:02:57 | Re: Query generates infinite loop |