Murat Tasan <murat.tasan@cwru.edu> writes:
> Now, as the owner of the database, execute
> CREATE FUNCTION F(T.id%TYPE) RETURNS T.name%TYPE AS $$ SELECT name
> FROM T WHERE id = $1; $$ LANGUAGE SQL;
> Now login as user A and try:
> SELECT * FROM F(69);
> (and let 69 be some id in T).
> The execution fails, stating that user A doesn't have SELECT
> privileges on T.
Right, because the function is running with A's privileges.
If you want the function to run with its owner's privileges,
label it SECURITY DEFINER.
regards, tom lane
