Re: Permissions within a function

On R, 2004-12-17 at 21:12, Thomas Hallgren wrote:
> I'd like some views on the following issue.
> 
> The pljava function call handler will resolve a class name using a 
> loader that in turn uses a specific table in the PostgreSQL database. 
> Hence, the caller of the function must have select permissions on that 
> table or the function will fail. I would like to prevent this somehow 
> but I don't know how to go about that. Is there any way to bypass the 
> permissions when I do an SPI call from within a call handler somehow?

Would SECURITY DEFINER not work for pljava ?

Or if you are looking for something that has to be done inside the pl
handler maybe you should use another function with SECURITY DEFINER and
owned by superuser for function lookups ?

----------------
Hannu