Re: Fwd: Help using user rights - Mailing list pgsql-general

From Martijn van Oosterhout
Subject Re: Fwd: Help using user rights
Date
Msg-id 20060907122111.GJ10093@svana.org
Whole thread Raw
In response to Fwd: Help using user rights  (Valentin Militaru <valentin.militaru@telcor.ro>)
List pgsql-general
On Thu, Sep 07, 2006 at 02:12:57PM +0300, Valentin Militaru wrote:
> I have one user in postgres8.01. which connects from a webserver and inserts
> some data into a table. It only has INSERT access on that table.
> ON the other hand, on the same table a have an after-insert trigger which
> executes a function owned by a more powerful user.
> My problem is that when I try to insert some data with the webserver user,
> PostgreSQL wants that user to have access to all the relations used in the
> trigger function.
>
> Is there any way to avoid granting the light user with all those rigths?

You could declare the function "SECURITY DEFINER", then it will always
have the rights of the person who created the trigger.

Have a nice day,
--
Martijn van Oosterhout   <kleptog@svana.org>   http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.

Attachment

pgsql-general by date:

Previous
From: Alvaro Herrera
Date:
Subject: Re: Majordomo drops multi-line Subject:
Next
From: Ray Stell
Date:
Subject: Re: archives is not working was (Re: [NOVICE] Removing duplicate keys)