Home > mailing lists

[HACKERS] GRANT EXECUTE ON FUNCTION foo() TO bar(); - Mailing list pgsql-hackers

From	Joel Jacobson
Subject	[HACKERS] GRANT EXECUTE ON FUNCTION foo() TO bar();
Date	February 22, 2017 13:06:35
Msg-id	CAASwCXeEQgXb5h9sZFYwKdBmwfmRnMxecSiZN6n_+Uo=yPpfXA@mail.gmail.com Whole thread Raw
Responses	Re: [HACKERS] GRANT EXECUTE ON FUNCTION foo() TO bar(); Re: [HACKERS] GRANT EXECUTE ON FUNCTION foo() TO bar();
List	pgsql-hackers

Tree view

Hi Hackers,

Currently, it's only possible to grant/revoke execute on functions to roles.

I think it would be useful in many situations, both for documentation purposes,
but also for increased security, to in a precise way control what
other function(s)
are allowed to execute a specific function.

This would be useful for functions that are not supposed to be used
manually by any human or any other function(s) than the few places
where the function makes sense to use.

Thoughts?

/Joel

pgsql-hackers by date:

From: Michael Paquier
Date: 22 February 2017, 13:06:14
Subject: Re: [HACKERS] Radix tree for character conversion

From: Rafia Sabih
Date: 22 February 2017, 13:10:23
Subject: Re: [HACKERS] Passing query string to workers

[HACKERS] GRANT EXECUTE ON FUNCTION foo() TO bar(); - Mailing list pgsql-hackers

Previous

Next