From: | Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com> |
---|---|
To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
Subject: | Re: Clarification on View Privileges and Operator Execution in PostgreSQL |
Date: | 2024-04-07 18:22:47 |
Message-ID: | CACX+KaOrOr-QgX-RX0RaFj6qbgytCP2HKH=AH7rooe_wdpdmPg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
Understood.
Thanks David it was a nice conversation and clarification from you
Regards
Ayush Vatsa
On Sun, 7 Apr 2024 at 23:45, David G. Johnston <david(dot)g(dot)johnston(at)gmail(dot)com>
wrote:
> On Sun, Apr 7, 2024 at 11:02 AM Ayush Vatsa <ayushvatsa1810(at)gmail(dot)com>
> wrote:
>
>> > If you want to confirm what the documentation says create a custom
>> operator/function that alex is not permitted to execute and have them query
>> a view defined by postgres that uses that function.
>> Thanks for the suggestion, it helped and I found out alex could not
>> execute the view as it didn't have privileges for the function associated
>> with operator
>>
>> But a small doubt arises here I have to revoke the execution of the
>> function using the command
>> REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public from public;
>> but when I tried
>> REVOKE EXECUTE ON FUNCTION text_equals(text,text) FROM alex;
>> or
>> REVOKE ALL ON FUNCTION text_equals(text,text) FROM alex;
>> It didn't work i.e alex can still execute text_equals function. Why is it
>> so?
>>
>>>
>>>
> See https://www.postgresql.org/docs/current/ddl-priv.html
> Especially the part regarding default privileges. The PUBLIC pseudo-role
> is granted execute on functions by default. You are probably trying to
> revoke a privilege from alex that was never granted to alex directly.
>
> David J.
>
>
From | Date | Subject | |
---|---|---|---|
Next Message | Marko Sutic | 2024-04-08 12:48:33 | LwLocks contention (MultiXactOffsetControlLock/multixact_offset) when running logical replication initial snapshot |
Previous Message | David G. Johnston | 2024-04-07 18:14:54 | Re: Clarification on View Privileges and Operator Execution in PostgreSQL |