| From: | Dominique Devienne <ddevienne(at)gmail(dot)com> |
|---|---|
| To: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
| Cc: | "pgsql-general(at)lists(dot)postgresql(dot)org" <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: current_role of caller of a DEFINER function |
| Date: | 2024-06-26 12:58:44 |
| Message-ID: | CAFCRh-__EGUUezjcSNqEJOmr68dKdBMS3hcxqUw8x-ory_NeJA@mail.gmail.com |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Wed, Jun 26, 2024 at 2:42 PM David G. Johnston
<david(dot)g(dot)johnston(at)gmail(dot)com> wrote:
> On Wednesday, June 26, 2024, Dominique Devienne <ddevienne(at)gmail(dot)com> wrote:
>> Only session_user
>> is representative of the caller, and reliable (modulo SUPERUSER and
>> SET AUTHORIZATION, but that's a different story and kinda normal)
>
> Why can you not use session_user then?
Hi. As I already wrote above, the current_role matters in our security model.
The LOGIN user (i.e. session_user) is used only for authentication to
the DB and to connect.
All other security concerns are on other app-maintained (NOLOGIN)
roles, used for authorization. --DD
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron Johnson | 2024-06-26 13:15:30 | Re: Autovacuum, dead tuples and bloat |
| Previous Message | Isaac Morland | 2024-06-26 12:58:17 | Re: current_role of caller of a DEFINER function |