Home > mailing lists

Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism? - Mailing list pgsql-hackers

From	Nico Williams
Subject	Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?
Date	October 19, 2017 02:15:35
Msg-id	20171018201534.GB4496@localhost Whole thread Raw
In response to	[HACKERS] Interest in a SECURITY DEFINER function current_user stackaccess mechanism? (Nico Williams <nico@cryptonector.com>)
List	pgsql-hackers

Tree view

Alternatively, a way to get at the OuterUserId?  Or the outer-most
current_user in the function stack?

I should explain why I need this: for audit functionality where I want
the triggers' procedures to be SECURITY DEFINER so only they can write
to audit tables and such, but I want them to see the current_user of the
*caller*, rather than current_user being the DEFINER's name.

Nico
-- 


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

pgsql-hackers by date:

From: Pavel Stehule
Date: 19 October 2017, 02:15:01
Subject: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?

From: Nico Williams
Date: 19 October 2017, 02:26:50
Subject: Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism?

Re: [HACKERS] Interest in a SECURITY DEFINER function current_userstack access mechanism? - Mailing list pgsql-hackers

Previous

Next