Stored Procedures for Security - Mailing list pgsql-general

From Alex Stapleton
Subject Stored Procedures for Security
Date
Msg-id 88EB35EB-D347-41D2-BE36-E3407A0EBB8B@advfn.com
Whole thread Raw
List pgsql-general
What is everyone's opinion for exclusively using Stored Procedures
for increased security? The scenario I am thinking of means having
one user which is widely accessible (large numbers of staff/user for
example) and only has access to some stored procedures, which where
create with SECURITY DEFINER so that they are run with the definers
permissions (which are assumed liberal enough to do whatever is
needed of the stored procedures.) I am especially wondering about how
easy it would be to write the functions in a way which made it very
hard/impossible to do something that wasn't intended of them. Has
anyone implemented anything like this before? What was developing new
bits of code which required access to it like?

pgsql-general by date:

Previous
From: Tom Lane
Date:
Subject: Re: [ADMIN] dump/restore needed when switching from 32bit to 64bit processor architecture?
Next
From: Tom Lane
Date:
Subject: Re: Old question - failed to find conversion function from "unknown"