Home > mailing lists

Re: lastval exposes information that currval does not - Mailing list pgsql-hackers

From	Chris Campbell
Subject	Re: lastval exposes information that currval does not
Date	July 6, 2006 00:06:18
Msg-id	9A35C9D1-EC1F-4995-B811-2F94D1AFB380@bignerdranch.com Whole thread Raw
In response to	lastval exposes information that currval does not (Phil Frost <indigo@bitglue.com>)
Responses	Re: lastval exposes information that currval does not
List	pgsql-hackers

Tree view

On Jul 5, 2006, at 14:51, Phil Frost wrote:

> test=# create function bump() returns bigint language sql security  
> definer as $$ select nextval('private.seq'); $$;

SECURITY DEFINER means that the function runs with the permissions of  
the role used to create the function (ran the CREATE FUNCTION  
command). Due to your # prompt, I'm guessing that you were a  
superuser when you ran this command. Thus, bump() will be run with  
the superuser's permissions.

The superuser most definitely has permissions to access private.seq.

This has nothing to do with schema security or lastval() versus  
currval().

Check out the CREATE FUNCTION documentation:
   http://www.postgresql.org/docs/8.1/interactive/sql- 
createfunction.html

- Chris

pgsql-hackers by date:

From: Neil Conway
Date: 05 July 2006, 21:30:53
Subject: Re: binds only for s,u,i,d?

From: Phil Frost
Date: 06 July 2006, 00:25:08
Subject: Re: lastval exposes information that currval does not

Re: lastval exposes information that currval does not - Mailing list pgsql-hackers

Previous

Next