Re: Need help understanding has_function_privilege - Mailing list pgsql-general

From Cosimo Simeone
Subject Re: Need help understanding has_function_privilege
Date
Msg-id CAD1W9HUKn-u8HnfhVX8e7qib1pYssiuSHp+Lu=5iHzpGJUDMMg@mail.gmail.com
Whole thread Raw
In response to Re: Need help understanding has_function_privilege  ("David G. Johnston" <david.g.johnston@gmail.com>)
Responses Re: Need help understanding has_function_privilege
List pgsql-general
Hi, and thanks (both of you!)
Shouldn't the
 create role my_user NOINHERIT;
avoid this? And since not, why? :-)



On Thu, 20 Mar 2025 at 15:07, David G. Johnston <david.g.johnston@gmail.com> wrote:
On Wednesday, March 19, 2025, Cosimo Simeone <cosimo.simeone@gmail.com> wrote:

true?
Well... Ok, "whatever"... I revoke it:
=# revoke execute on function my_schema.my_func(text) from my_user;
REVOKE

Roles can inherit privileges.  my_user is inheriting its execute privilege from PUBLIC.  You have to revoke a granted privilege.

David J.
 

pgsql-general by date:

Previous
From: Siraj G
Date:
Subject: Re: Export operation efficiency in read replica
Next
From: "David G. Johnston"
Date:
Subject: Re: After upgrading libpq, the same function(PQftype) call returns a different OID