Postgres Pro
Downloads
Home   >   mailing lists

Re: Irreversible SET ROLE - Mailing list pgsql-general

From Tom Lane
Subject Re: Irreversible SET ROLE
Date
Msg-id 10703.1417480773@sss.pgh.pa.us
Whole thread Raw
In response to Irreversible SET ROLE  (Bryn Jeffries <bryn.jeffries@sydney.edu.au>)
Responses Re: Irreversible SET ROLE
List pgsql-general
Tree view 
Bryn Jeffries <bryn.jeffries@sydney.edu.au> writes:
> I have a question about preventing SET ROLE from being reset within a session.

You can't; per SQL standard, SET ROLE NONE is supposed to do exactly that.

I think you might be able to do something with invoking untrusted code
inside a SECURITY DEFINER function.  That context disables both SET ROLE
and SET SESSION AUTHORIZATION.  I would not want to bet a lot on that
being bulletproof, however.

            regards, tom lane

pgsql-general by date:

Previous
From: mongoose
Date:
Subject: Merge rows based on Levenshtein distance
Next
From: David G Johnston
Date:
Subject: Re: Merge rows based on Levenshtein distance