Thread: Function Permissions

Function Permissions

From
"Telecontrol Networking"
Date:
Hi,
 
I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission.
 
In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs access/insert/delete/update has no permissions to normal user. Only calling my FUNCTION the normal user can do that, and never updating or deleting directly over the tables.
 
Any idea ?
 
 
---------------------------------
Marco Túlio Oliveira
IT-Manager
www.telecontrol.com.br

Re: Function Permissions

From
Bruno Wolff III
Date:
On Sat, Oct 25, 2003 at 15:11:06 -0200, Telecontrol Networking <pglist@telecontrol.com.br> wrote:
> Hi,
> 
> I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission.
> 
> In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs
access/insert/delete/updatehas no permissions to normal user. Only calling my FUNCTION the normal user can do that, and
neverupdating or deleting directly over the tables.
 
> 
> Any idea ?

You can use security definer clause when creating the function.


Re: Function Permissions

From
Christopher Kings-Lynne
Date:
CREATE FUNCTION ... SECURITY DEFINER;

Read the 7.3 docs.

Chris

Telecontrol Networking wrote:

> 
> Hi,
>  
> I really need that a FUNCTION runs allways with this creator/owner 
> permissions, and not with the user permission.
>  
> In other words, my FUNCTION must execute several procedures as POSTGRES 
> superuser, and the tables its needs access/insert/delete/update has no 
> permissions to normal user. Only calling my FUNCTION the normal user can 
> do that, and never updating or deleting directly over the tables.
>  
> Any idea ?
>  
>  
> ---------------------------------
> Marco Túlio Oliveira
> IT-Manager
> www.telecontrol.com.br <http://www.telecontrol.com.br>