| From: | Kris Jurka <books(at)ejurka(dot)com> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Jan Ischebeck <jan(at)ischebeck-consulting(dot)de>, pgsql-hackers(at)postgresql(dot)org, pljava-dev(at)pgfoundry(dot)org |
| Subject: | Re: Pl/Java broken since Postgresql 8.3-rc1 |
| Date: | 2008-01-11 05:01:24 |
| Message-ID: | Pine.BSO.4.64.0801102354050.23548@leary.csoft.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers pljava-dev |
On Thu, 10 Jan 2008, Tom Lane wrote:
> Just out of curiosity, what was pljava doing calling SetUserId?
> If I'd known about that I'd have thought harder about removing the
> function; but it's not clear to me why a PL should be doing that.
>
pljava wants to run code as the session user when inside a security
definer function. The sqlj spec has an install_jar function which
installs a library of java code and has an optional deployment descriptor
which can create functions against the library and tables for it to use.
The install_jar function is security definer to be able to register the
jar file in various sqlj tables that the calling user may not be able to
write to, but it wants to create the tables and function specified in the
deployement descriptor with the ownership of the user calling install_jar,
not the person who initially installed pljava.
Kris Jurka
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sim Zacks | 2008-01-11 07:39:41 | Re: 8.2.4 serious slowdown |
| Previous Message | Tom Lane | 2008-01-11 04:50:31 | Re: Pl/Java broken since Postgresql 8.3-rc1 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2008-01-11 08:47:56 | Re: Pl/Java broken since Postgresql 8.3-rc1 |
| Previous Message | Tom Lane | 2008-01-11 04:50:31 | Re: Pl/Java broken since Postgresql 8.3-rc1 |