On Wed, 2006-12-13 at 15:36, Rafal Pietrak wrote: > On Wed, 2006-12-13 at 14:01 -0500, Tom Lane wrote: > > Rafal Pietrak <rafal@xxxxxxxxxxxxxxxxxx> writes: > > > I thought trigger functions execute at root/postgres security level? > > > > No. You probably want to make that function SECURITY DEFINER so it > > executes as the owner, but this isn't default for triggers. > > Hmmm. Have checked it, and it does not look promissing. > > Obviously, when I define function with "SECURITY DEFINER" I need to > limit access to that function. But.... > > "REVOKE ALL ON FUNCTION piti() FROM PUBLIC" > > Doe not seam to have any effect on functions installed as a trigger. Does your "common user" have the permission to create users?
