The following bug has been logged on the website:
Bug reference: 8315
Logged by: Jeff Frost
Email address: jeff(at)pgexperts(dot)com
PostgreSQL version: 9.2.4
Operating system: Scientific Linux 6
Description:
Simple test case:
pgx-test:~ $ createdb permtest
pgx-test:~ $ psql permtest
psql (9.2.4)
Type "help" for help.
permtest=# create extension dblink;
CREATE EXTENSION
permtest=# create role permtestuser with login nosuperuser;
permtest=# grant EXECUTE on FUNCTION dblink(text) to permtestuser;
GRANT
pgx-test:~ $ pg_dump -s permtest | grep GRANT
GRANT ALL ON SCHEMA public TO postgres;
GRANT ALL ON SCHEMA public TO PUBLIC;
I imagine we are expecting people to write security definer wrapper
functions, but if so, we should probably not allow them to grant permissions
on extension functions (and tables?) if we aren't going to preserve them in
the dump.