Tom Lane wrote:
> No, it's operating as designed. Per the GRANT reference page:
> : Depending on the type of object, the initial default privileges may
> : include granting some privileges to PUBLIC. The default is no public
> : access for tables, schemas, and tablespaces; CONNECT privilege and TEMP
> : table creation privilege for databases; EXECUTE privilege for functions;
> : and USAGE privilege for languages. The object owner may of course revoke
> : these privileges. (For maximum security, issue the REVOKE in the same
> : transaction that creates the object; then there is no window in which
> : another user may use the object.)
>
> You'll need to revoke the default public EXECUTE privilege on any
> functions you don't want to be callable.
>
> regards, tom lane
>
Hmm, so the answer to my question
"How can I assign execute permission to a role for a single function
inside schema."
is I can't?
So this basically means that I can't fine tune the permissions through
functions, but I
can through views and tables?
This looks like a bug in design to me ;(
Regards,
Rikard
