On Mon, Feb 27, 2006 at 12:09:48 +0000,
Dayo Johnson <dayoj@cleanjohn.net> wrote:
> Hello,
>
> Is it possible to do the following:
> Disallow permission to write to a table (either by UPDATE or INSERT) but
> allow EXECUTE permission on a Function that writes to the table ?
>
> The reason I want to do this is so that I can perform certain checks on
> the data that is being written before I allow it to be written.
You can use SECURITY DEFINER functions to do this. Those functions run
with the access rights of the function creator, rather than the executor.
