Thread: Function Permissions
Hi,
I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission.
In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs access/insert/delete/update has no permissions to normal user. Only calling my FUNCTION the normal user can do that, and never updating or deleting directly over the tables.
Any idea ?
On Sat, Oct 25, 2003 at 15:11:06 -0200, Telecontrol Networking <pglist@telecontrol.com.br> wrote: > Hi, > > I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission. > > In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs access/insert/delete/updatehas no permissions to normal user. Only calling my FUNCTION the normal user can do that, and neverupdating or deleting directly over the tables. > > Any idea ? You can use security definer clause when creating the function.
CREATE FUNCTION ... SECURITY DEFINER; Read the 7.3 docs. Chris Telecontrol Networking wrote: > > Hi, > > I really need that a FUNCTION runs allways with this creator/owner > permissions, and not with the user permission. > > In other words, my FUNCTION must execute several procedures as POSTGRES > superuser, and the tables its needs access/insert/delete/update has no > permissions to normal user. Only calling my FUNCTION the normal user can > do that, and never updating or deleting directly over the tables. > > Any idea ? > > > --------------------------------- > Marco Túlio Oliveira > IT-Manager > www.telecontrol.com.br <http://www.telecontrol.com.br>