There is currently no functionality to grant or deny access to functions.
I believe anyone can run any function and the function is run as the user who runs it.
This is also the case with views, which is odd, as the rest of the select statement is granted access to a table which
thefunction in the view does not have access to.
Functions triggered seem on the other handed to be 'trusted'. This can obviously be exploited.
I have noticed a trusted field in the pg_proc and pg_language tables, can I use this somehow (I haven't got my hopes up
asthey are all 't' on pg_proc), ??
I looked through the todo, and albeit being a lot of new features in the grant section I cannot find any info regarding
theseissues.
Sincerely,
Aasmund.
Aasmund Midttun Godal
aasmund@godal.com - http://www.godal.com/
+47 40 45 20 46
