Search Postgresql Archives

Re: Why security-definer functions are executable by public by default?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/05/2011 09:41 AM, hubert depesz lubaczewski wrote:

hi

was pointed to the fact that security definer functions have the same
default privileges as normal functions in the same language - i.e. if
the language is trusted - public has the right to execute them.

maybe i'm missing something important, but given the fact that security
definer functions are used to get access to things that you usually
don't have access to - shouldn't the privilege be revoked by default,
and grants left for dba to decide?

depesz
That is exactly the point of security definer. It means that even though you do not have rights to data, I have a special function that will allow you the rights in a very specific way.

For example, I give my users no rights on any tables. The only way they can access data is through views and security definer functions. The functions are built in such a way that it only allows them access in the manner that I want them to.

So while my user cannot insert into the table, he can pass the correct parameters into the function and if everything checks out write it will insert the row.

Sim

--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux