| From: | Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com> |
|---|---|
| To: | PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Restricting Direct Access to a C Function in PostgreSQL |
| Date: | 2024-08-11 07:23:23 |
| Message-ID: | CACX+KaNZvPiki5BgF-z14h+SG-rjerm=J0rs8M3nkBTB=xVwog@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi PostgreSQL Community,
I have a scenario where I am working with two functions: one in SQL and
another in C, where the SQL function is a wrapper around C function. Here’s
an example:
CREATE OR REPLACE FUNCTION my_func(IN input text)RETURNS BIGINT AS $$DECLARE
result BIGINT;BEGIN
SELECT col2 INTO result FROM my_func_extended(input);
RETURN result;END;
$$ LANGUAGE plpgsql;
CREATE OR REPLACE FUNCTION my_func_extended(
IN input text,
OUT col1 text,
OUT col2 BIGINT
)RETURNS SETOF recordAS 'MODULE_PATHNAME', 'my_func_extended'LANGUAGE
C STRICT PARALLEL SAFE;
I need to prevent direct execution of my_func_extended from psql while
still allowing it to be called from within the wrapper function my_func.
I’m considering the following options:
1. Using GRANT/REVOKE in SQL to manage permissions.
2. Adding a check in the C function to allow execution only if my_func
is in the call stack (previous parent or something), and otherwise throwing
an error.
Is there an existing approach to achieve this, or would you recommend a
specific solution?
Best regards,
Ayush Vatsa
AWS
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2024-08-11 09:41:11 | Re: Restricting Direct Access to a C Function in PostgreSQL |
| Previous Message | Junwang Zhao | 2024-08-11 07:03:28 | Re: Support tid range scan in parallel? |