Re: BUG #6076: Unexpected "Security Definer / invoker" interaction

From Alvaro Herrera
Subject Re: BUG #6076: Unexpected "Security Definer / invoker" interaction
Date
Msg-id 1308939809-sup-2803@alvh.no-ip.org
In reply to BUG #6076: Unexpected "Security Definer / invoker" interaction  ("Dave Fennell" <dave@microtux.co.uk>)
List pgsql-bugs
Excerpts from Dave Fennell's message of vie jun 24 10:48:40 -0400 2011:

> Not sure if this is a bug or possibly just undocumented (or unclearly
> documented) behaviour but the interaction of functions defined as "security
> definer" and functions defined as "security invoker" is not what I would
> expect.
>
> I would expect that if a function defined as "security definer" calls a
> function defined as "security invoker" the "invoker" role used would be the
> "definer" of the first function? However it appears that the *actual*
> invoker (current user) is used.

I think your problem is that you need an explicit SET ROLE to sub1
before calling sub1.func2().  Alternatively you could set up global so
that it "inherits" (which would automatically give it the privileges
that both sub1 and sub2 have).

There doesn't seem to be a bug here.

--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
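
The inheritance alternative mentioned in the reply, as an added example that is not part of the original message or of the bug report. It assumes "global" starts out as a NOINHERIT member of sub1; the role caller, the schema api, the function api.entry() and the body of sub1.func2() are constructed for illustration.

```sql
-- Constructed setup; run as a superuser in a scratch database.
CREATE ROLE sub1 NOLOGIN;
CREATE ROLE "global" NOLOGIN NOINHERIT;  -- assumption: member of sub1, no inheritance
CREATE ROLE caller NOLOGIN;              -- hypothetical unprivileged invoker
GRANT sub1 TO "global";

CREATE SCHEMA sub1 AUTHORIZATION sub1;   -- only sub1 has USAGE on this schema
CREATE SCHEMA api;                       -- hypothetical schema for the entry point
GRANT USAGE ON SCHEMA api TO caller;

-- SECURITY INVOKER callee: reports the role it is being executed as.
CREATE FUNCTION sub1.func2() RETURNS text
    LANGUAGE sql SECURITY INVOKER
    AS $$ SELECT current_user::text $$;
ALTER FUNCTION sub1.func2() OWNER TO sub1;

-- SECURITY DEFINER entry point owned by "global"; search_path is pinned.
CREATE FUNCTION api.entry() RETURNS text
    LANGUAGE plpgsql SECURITY DEFINER
    SET search_path = pg_catalog
    AS $$ BEGIN RETURN sub1.func2(); END $$;
ALTER FUNCTION api.entry() OWNER TO "global";

-- Case 1: "global" is a member of sub1 but does not inherit its privileges.
-- Inside api.entry() current_user is the owner, "global", so the lookup of
-- sub1.func2() is checked against "global" alone, and "global" holds no
-- USAGE privilege on schema sub1.
SET ROLE caller;
SELECT api.entry();
RESET ROLE;

-- Case 2: make the membership inheriting. Re-granting after ALTER ROLE keeps
-- this correct on PostgreSQL 16 and later, where inheritance is recorded per
-- grant rather than read from the role attribute at check time.
REVOKE sub1 FROM "global";
ALTER ROLE "global" INHERIT;
GRANT sub1 TO "global";

-- "global" now holds sub1's privileges, including USAGE on schema sub1.
-- func2() is SECURITY INVOKER, so current_user inside it is still the
-- definer of the outer function, "global", not caller and not sub1.
SET ROLE caller;
SELECT api.entry();
RESET ROLE;
```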
