| From: | Antti Haapala <antti(dot)haapala(at)iki(dot)fi> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Tomasz Myrta <jasiek(at)klaster(dot)net>, "'pgsql-sql(at)postgresql(dot)org'" <pgsql-sql(at)postgresql(dot)org> |
| Subject: | Re: function with security definer |
| Date: | 2003-03-24 18:36:31 |
| Message-ID: | Pine.GSO.4.44.0303241952100.3974-100000@paju.oulu.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-sql |
On Mon, 24 Mar 2003, Tom Lane wrote:
> Tomasz Myrta <jasiek(at)klaster(dot)net> writes:
>
> > [ Can't do SET SESSION AUTHORIZATION in a postgres-owned function ]
>
> That's because SET SESSION AUTHORIZATION looks to the original login
> userid, not the current effective userid, to decide whether you're
> allowed to do it. If it didn't work that way, a superuser couldn't
> switch to any other identity after becoming a nonprivileged user.
So what if it went like this:
- set session authorization on "logged as superuser" acts
as before
- as a bonus allow superuser owned SECURITY DEFINER functions
to set session authorization when called by unpriv. user.
- it could also be possible for superuser to drop privs
permanently, with SET PERMANENT SESSION AUTHORIZATION.
(which just sets login ids to the new value)
--
Antti Haapala
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Liang Luo | 2003-03-25 14:38:40 | How to show timestamp with milliseconds(3 digits) in Select clause in Ver7.1 ? |
| Previous Message | Mike Meyer | 2003-03-24 17:31:45 | Re: Rule for updating through a view. |