Search Postgresql Archives

Re: Is it possible to stop sessions killing eachother when they all authorize as the same role?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Bryn Llewellyn <bryn@xxxxxxxxxxxx> writes:
> I just confirmed that, if it suits me, I can revoke "execute" from "public" on all overloads of the humble length() function. Maybe I should refer to it as "pg_catalog.length()" to emphasize another point that had escaped me.

Yup.  For even more fun, try revoking privileges on a function that
underlies an operator.

regression=# revoke execute on function int4pl from public;
REVOKE
regression=# select 2+2;  -- still works, for a superuser
 ?column? 
----------
        4
(1 row)

regression=# create user joe;
CREATE ROLE
regression=# \c - joe
You are now connected to database "regression" as user "joe".
regression=> select 2+2;  -- not so much for anybody else
ERROR:  permission denied for function int4pl

			regards, tom lane
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux