Thread: Bug #884: Schema access not inherited by functions declared SECURITY DEFINER

Jason B. Alonso (jalonso@mit.edu) reports a bug with a severity of 3
The lower the number the more severe it is.

Short Description
Schema access not inherited by functions declared SECURITY DEFINER

Long Description
When calling a function declared SECURITY DEFINER, I get permission denied errors on schemas that the function would
access. In my cases, no permissions are granted to the schemas are granted to the users calling the functions, but the
owner/definerof the functions is the owner/definer/explicitly-permitted-user of the schemas in question. 

The problem is a "minor annoyance" to me in that I can circumvent the problem in my application by granting schema
usageto PUBLIC (and explicitly revoking access to the schema's tables, etc.), but it may not be quite so minor to
others.

Version: PostgreSQL 7.3 running on Cygwin/Win2k

Sample Code


No file was uploaded with this report

pgsql-bugs@postgresql.org writes:
> When calling a function declared SECURITY DEFINER, I get permission
> denied errors on schemas that the function would access.

This is hard to believe.  Please give a complete example.

            regards, tom lane