Home > mailing lists

Re: Security leak with trigger functions? - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Security leak with trigger functions?
Date	December 14, 2006 16:47:40
Msg-id	200612141847.35439.peter_e@gmx.net Whole thread Raw
In response to	Re: Security leak with trigger functions? (Tom Lane <tgl@sss.pgh.pa.us>)
Responses	Re: Security leak with trigger functions? (Tom Lane <tgl@sss.pgh.pa.us>)
List	pgsql-hackers

Tree view

Tom Lane wrote:
> The question in my mind is what privilege to check and when.

By extrapolation of the SQL standard, I'd say we'd need to check the 
EXECUTE privilege of the function at run time.

-- 
Peter Eisentraut
http://developer.postgresql.org/~petere/

pgsql-hackers by date:

From: ohp@pyrenet.fr
Date: 14 December 2006, 16:38:50
Subject: Re: unixware and --with-ldap

From: Tom Lane
Date: 14 December 2006, 16:54:17
Subject: Re: Security leak with trigger functions?

Re: Security leak with trigger functions? - Mailing list pgsql-hackers

Previous

Next