Search Postgresql Archives

Re: Clarification on View Privileges and Operator Execution in PostgreSQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, Apr 7, 2024 at 11:02 AM Ayush Vatsa <ayushvatsa1810@xxxxxxxxx> wrote:
> If you want to confirm what the documentation says create a custom operator/function that alex is not permitted to execute and have them query a view defined by postgres that uses that function.
Thanks for the suggestion, it helped and I found out alex could not execute the view as it didn't have privileges for the function associated with operator

But a small doubt arises here I have to revoke the execution of the function using the command 
REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public from public;
but when I tried 
REVOKE EXECUTE ON FUNCTION text_equals(text,text) FROM alex;
or
REVOKE ALL ON FUNCTION text_equals(text,text) FROM alex;
It didn't work i.e alex can still execute text_equals function. Why is it so?


See https://www.postgresql.org/docs/current/ddl-priv.html
Especially the part regarding default privileges.  The PUBLIC pseudo-role is granted execute on functions by default.  You are probably trying to revoke a privilege from alex that was never granted to alex directly.

David J.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]

  Powered by Linux