Postgres Pro
Downloads
Home   >   mailing lists

Re: Security leak with trigger functions? - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Security leak with trigger functions?
Date
Msg-id 22557.1166118835@sss.pgh.pa.us
Whole thread Raw
In response to Re: Security leak with trigger functions?  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: Security leak with trigger functions?  (Peter Eisentraut <peter_e@gmx.net>)
List pgsql-hackers
Tree view 
Peter Eisentraut <peter_e@gmx.net> writes:
> Tom Lane wrote:
>> The question in my mind is what privilege to check and when.

> By extrapolation of the SQL standard, I'd say we'd need to check the 
> EXECUTE privilege of the function at run time.

Certainly EXECUTE privilege is what to check, but whose privilege?
        regards, tom lane

pgsql-hackers by date:

Previous
From: Peter Eisentraut
Date:
Subject: Re: Security leak with trigger functions?
Next
From: Peter Eisentraut
Date:
Subject: Multiple uses of same internal function