Thread: Execute function without execute privilege
I discovered today that when I create a function in a schema that another user has "grant usage" on, they are able to execute the function even though I've not granted them "execute" on the function.
Is this normal behavior (from the manual I don't believe it is)?
If so, is the best solution to put all of our functions into separate schemas and grant usage on those based on what groups of functions someone needs?
Thanks!
Jed S. Walker
"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes: > I discovered today that when I create a function in a schema that another > user has "grant usage" on, they are able to execute the function even though > I've not granted them "execute" on the function. > Is this normal behavior (from the manual I don't believe it is)? Yes, it is, because the default for functions is to grant PUBLIC EXECUTE access. Revoke that if you don't want it. regards, tom lane

Do you mean that when I create a function an implicit "grant execute on function" is done? If so, we would have to do a revoke with each grant. Or, do you mean there is a public grant to "execute any function" that I can just remove when I create the database (and if so, how?)

-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Thursday, May 05, 2005 2:24 PM
To: Walker, Jed S
Cc: 'pgsql-novice@postgresql.org'
Subject: Re: [NOVICE] Execute function without execute privilege

"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes:
> I discovered today that when I create a function in a schema that
> another user has "grant usage" on, they are able to execute the
> function even though I've not granted them "execute" on the function.
> Is this normal behavior (from the manual I don't believe it is)?

Yes, it is, because the default for functions is to grant PUBLIC EXECUTE access. Revoke that if you don't want it.

regards, tom lane

Another question, if we put functions into a schema and then use "grant usage" on the schema is that considered an OK practice in postgresql to limit users to a group of functions (I assume they would still have to have usage on the schema to get to them).

-----Original Message-----
From: Walker, Jed S
Sent: Friday, May 06, 2005 8:46 AM
To: 'Tom Lane'
Cc: 'pgsql-novice@postgresql.org'
Subject: RE: [NOVICE] Execute function without execute privilege

Do you mean that when I create a function an implicit "grant execute on function" is done? If so, we would have to do a revoke with each grant. Or, do you mean there is a public grant to "execute any function" that I can just remove when I create the database (and if so, how?)

-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Thursday, May 05, 2005 2:24 PM
To: Walker, Jed S
Cc: 'pgsql-novice@postgresql.org'
Subject: Re: [NOVICE] Execute function without execute privilege

"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes:
> I discovered today that when I create a function in a schema that
> another user has "grant usage" on, they are able to execute the
> function even though I've not granted them "execute" on the function.
> Is this normal behavior (from the manual I don't believe it is)?

Yes, it is, because the default for functions is to grant PUBLIC EXECUTE access. Revoke that if you don't want it.

regards, tom lane

On Fri, May 06, 2005 at 08:45:41 -0600, "Walker, Jed S" <Jed_Walker@cable.comcast.com> wrote:
> Do you mean that when I create a function an implicit "grant execute on
> function" is done? If so, we would have to do a revoke with each grant. Or,
> do you mean there is a public grant to "execute any function" that I can
> just remove when I create the database (and if so, how?)

When a function is created it is created with "public" having execute access to it. You will need to do a revoke after each function creation.
"Walker, Jed S" <Jed_Walker@cable.comcast.com> writes: > Do you mean that when I create a function an implicit "grant execute on > function" is done? Effectively, yes. See the GRANT manual page for details. regards, tom lane