Re: about the RULE system

On Wed, 2006-12-13 at 15:36, Rafal Pietrak wrote:
> On Wed, 2006-12-13 at 14:01 -0500, Tom Lane wrote:
> > Rafal Pietrak <rafal@zorro.isa-geek.com> writes:
> > > I thought trigger functions execute at root/postgres security level?
> >
> > No.  You probably want to make that function SECURITY DEFINER so it
> > executes as the owner, but this isn't default for triggers.
>
> Hmmm. Have checked it, and it does not look promissing.
>
> Obviously, when I define function with "SECURITY DEFINER" I need to
> limit access to that function. But....
>
> "REVOKE ALL ON FUNCTION piti() FROM PUBLIC"
>
> Doe not seam to have any effect on functions installed as a trigger.

Does your "common user" have the permission to create users?