Search Postgresql Archives

Re: SET Role doesn't work from Security Definer Function...

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



No, I tried that but that can't be done in my requirements because my function has to be run in super user context to create the table in schema where normal users have only USAGE permissions. If I remove SECURITY DEFINER then my stored procedure will be failed for all users by saying "permission denied on schema myschema".

Moreover, I want to run only create table code in normal user context and other things in stored procedure should be done in super user context.

I tried all possible ways but couldn't find to get out of this yet.

Thanks,
Dipti

On Tue, Feb 23, 2010 at 8:36 PM, Alvaro Herrera <alvherre@xxxxxxxxxxxxxxxxx> wrote:
dipti shah escribió:

> For your reference I did something like this:
>
> 1. Create Function foo1 .... (this is without SECURITY DEFINER where I am
> using SET ROLE to current user).
>
> 2. Create Function foo2 with SECURITY DEFINER ...
>          spi_exe_query("select foo1()"); ==> Here it throws the error.

Shouldn't it be the other way around?  The normal function calls the
security-definer one.

--
Alvaro Herrera                                http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux