Re: [v9.2] Fix Leaky View Problem

Robert Haas  09/25/11 10:58 AM >>>

> I'm not sure we've been 100% consistent about that, since we
> previously made CREATE OR REPLACE LANGUAGE not replace the owner
> with the current user.
I think we've been consistent in *not* changing security on an
object when it is replaced.
test=# create user someoneelse;
CREATE ROLE
test=# create user yetanother;
CREATE ROLE
test=# create function one() returns int language sql as 'select 1;';
CREATE FUNCTION
test=# alter function one() owner to someoneelse;
ALTER FUNCTION
test=# revoke execute on function one() from public;
REVOKE
test=# create or replace function one() returns int language plpgsql as
$$begin return 1; end;$$;
CREATE FUNCTION
test=# \df+ one()                                                            List of
functionsSchema | Name | Result data type | Argument data types |  Type  |
Volatility |    Owner    | Language |     Source code      | Description


--------+------+------------------+---------------------+--------+------------+-------------+----------+----------------------+-------------public
|one  | integer          |                     | normal |
 
volatile   | someoneelse | plpgsql  | begin return 1; end; | 
(1 row)

test=# set role yetanother;
SET
test=> select one();
ERROR:  permission denied for function one

-Kevin