Home > mailing lists

Re: Authorized privileges when calling a procedure - Mailing list pgsql-novice

From	Tom Lane
Subject	Re: Authorized privileges when calling a procedure
Date	April 22, 2005 15:03:48
Msg-id	837.1114182213@sss.pgh.pa.us Whole thread Raw
In response to	Authorized privileges when calling a procedure ("Walker, Jed S" <Jed_Walker@cable.comcast.com>)
List	pgsql-novice

Tree view

"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes:
> I have another question. It appears that when you create a procedure and
> grant access on it to another user, the user must have privileges to all
> objects that the procedure references. Can someone confirm this, and is
> there a way to change the privilege authorization to the user that defined
> the procedure?

Mark the function as SECURITY DEFINER --- this is like setuid programs
in Unix.

(No, it's not a very intuitive label for the behavior, but it's what
the SQL spec says to use.)

            regards, tom lane

pgsql-novice by date:

From: tövis
Date: 22 April 2005, 15:01:41
Subject: Re: Granting permission on a sequence to a group

From: "Van Ingen, Lane"
Date: 22 April 2005, 16:02:51
Subject: CHECK Constraints

Re: Authorized privileges when calling a procedure - Mailing list pgsql-novice

Previous

Next