Re: [GENERAL] SET Role doesn't work from Security Definer Function...
| От | dipti shah |
|---|---|
| Тема | Re: [GENERAL] SET Role doesn't work from Security Definer Function... |
| Дата | |
| Msg-id | d5b05a951002230921w4cdd12dap20f83d54d83a9cc3@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: [GENERAL] SET Role doesn't work from Security Definer Function... (Tom Lane <tgl@sss.pgh.pa.us>) |
| Ответы |
Re: [GENERAL] SET Role doesn't work from Security Definer Function...
|
| Список | pgsql-novice |
No, I tried that but that can't be done in my requirements because my function has to be run in super user context to create the table in schema where normal users have only USAGE permissions. If I remove SECURITY DEFINER then my stored procedure will be failed for all users by saying "permission denied on schema myschema".
Moreover, I want to run only create table code in normal user context and other things in stored procedure should be done in super user context.
I tried all possible ways but couldn't find to get out of this yet.
Thanks,
Dipti
Moreover, I want to run only create table code in normal user context and other things in stored procedure should be done in super user context.
I tried all possible ways but couldn't find to get out of this yet.
Thanks,
Dipti
On Tue, Feb 23, 2010 at 8:36 PM, Alvaro Herrera <alvherre@commandprompt.com> wrote:
dipti shah escribió:Shouldn't it be the other way around? The normal function calls the
> For your reference I did something like this:
>
> 1. Create Function foo1 .... (this is without SECURITY DEFINER where I am
> using SET ROLE to current user).
>
> 2. Create Function foo2 with SECURITY DEFINER ...
> spi_exe_query("select foo1()"); ==> Here it throws the error.
security-definer one.
--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
В списке pgsql-novice по дате отправления: