Home > mailing lists

Re: Security Definer functions no longer works in PG14+ - Mailing list pgsql-bugs

From	Jan Katins
Subject	Re: Security Definer functions no longer works in PG14+
Date	May 5, 2022 21:31:58
Msg-id	CAAc324hNuW-FqTnpXbsyA8FmocoGx7AcULiFE7yxmqiw2gKkfQ@mail.gmail.com Whole thread Raw
In response to	Security Definer functions no longer works in PG14+ (Jobin Augustine <jobinau@gmail.com>)
Responses	Re: Security Definer functions no longer works in PG14+ Re: Security Definer functions no longer works in PG14+
List	pgsql-bugs

Tree view

Hi,

The aiven-extras repo has a workaround for that, using dblink: https://github.com/aiven/aiven-extras/commit/eb8c1107ca91a7da5ecb0c8127c94ce42762881d

Jan

On Thu, 5 May 2022, 17:49 Jobin Augustine, <jobinau@gmail.com> wrote:

Hello Community and Hackers,

A function like:

CREATE OR REPLACE FUNCTION fn_sql_refresh() RETURNS void AS $$
ALTER SUBSCRIPTION sub REFRESH PUBLICATION;
$$ LANGUAGE SQL SECURITY DEFINER;

Works with PostgreSQL 13 and older versions.
But gives error on PostgreSQL 14 as follows:

postgres=> select fn_sql_refresh();
ERROR: ALTER SUBSCRIPTION ... REFRESH cannot be executed from a function
CONTEXT: SQL function "fn_sql_refresh" statement 1

I believe, this is a consequence of :
https://git.postgresql.org/gitweb/?p=postgresql.git;h=ce0fdbfe9722867b7fad4d3ede9b6a6bfc51fb4e

But it is hurting good operational use cases of logical replication.

Regards,
Jobin.

pgsql-bugs by date:

From: Jobin Augustine
Date: 05 May 2022, 18:49:03
Subject: Security Definer functions no longer works in PG14+

From: Masahiko Sawada
Date: 06 May 2022, 08:26:42
Subject: Re: Implicitly created operator family not listed by pg_event_trigger_ddl_commands

Re: Security Definer functions no longer works in PG14+ - Mailing list pgsql-bugs

Previous

Next