On R, 2004-12-17 at 21:12, Thomas Hallgren wrote:
> I'd like some views on the following issue.
>
> The pljava function call handler will resolve a class name using a
> loader that in turn uses a specific table in the PostgreSQL database.
> Hence, the caller of the function must have select permissions on that
> table or the function will fail. I would like to prevent this somehow
> but I don't know how to go about that. Is there any way to bypass the
> permissions when I do an SPI call from within a call handler somehow?
Would SECURITY DEFINER not work for pljava ?
Or if you are looking for something that has to be done inside the pl
handler maybe you should use another function with SECURITY DEFINER and
owned by superuser for function lookups ?
----------------
Hannu
