From: | Antti Haapala <antti(dot)haapala(at)iki(dot)fi> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Tomasz Myrta <jasiek(at)klaster(dot)net>, "'pgsql-sql(at)postgresql(dot)org'" <pgsql-sql(at)postgresql(dot)org> |
Subject: | Re: function with security definer |
Date: | 2003-03-24 18:36:31 |
Message-ID: | Pine.GSO.4.44.0303241952100.3974-100000@paju.oulu.fi |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-sql |
On Mon, 24 Mar 2003, Tom Lane wrote:
> Tomasz Myrta <jasiek(at)klaster(dot)net> writes:
>
> > [ Can't do SET SESSION AUTHORIZATION in a postgres-owned function ]
>
> That's because SET SESSION AUTHORIZATION looks to the original login
> userid, not the current effective userid, to decide whether you're
> allowed to do it. If it didn't work that way, a superuser couldn't
> switch to any other identity after becoming a nonprivileged user.
So what if it went like this:
- set session authorization on "logged as superuser" acts
as before
- as a bonus allow superuser owned SECURITY DEFINER functions
to set session authorization when called by unpriv. user.
- it could also be possible for superuser to drop privs
permanently, with SET PERMANENT SESSION AUTHORIZATION.
(which just sets login ids to the new value)
--
Antti Haapala
From | Date | Subject | |
---|---|---|---|
Next Message | Liang Luo | 2003-03-25 14:38:40 | How to show timestamp with milliseconds(3 digits) in Select clause in Ver7.1 ? |
Previous Message | Mike Meyer | 2003-03-24 17:31:45 | Re: Rule for updating through a view. |