Re: lastval exposes information that currval does not

On Jul 5, 2006, at 14:51, Phil Frost wrote:

> test=# create function bump() returns bigint language sql security  
> definer as $$ select nextval('private.seq'); $$;

SECURITY DEFINER means that the function runs with the permissions of  
the role used to create the function (ran the CREATE FUNCTION  
command). Due to your # prompt, I'm guessing that you were a  
superuser when you ran this command. Thus, bump() will be run with  
the superuser's permissions.

The superuser most definitely has permissions to access private.seq.

This has nothing to do with schema security or lastval() versus  
currval().

Check out the CREATE FUNCTION documentation:
   http://www.postgresql.org/docs/8.1/interactive/sql- 
createfunction.html

- Chris