Search Postgresql Archives

question about stored procedure / function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

i created the following function :
-- Function: immense.sp_a_001(username "varchar", pwd "varchar")
-- DROP FUNCTION immense.sp_a_001(username "varchar", pwd "varchar");

CREATE OR REPLACE FUNCTION immense.sp_a_001(username "varchar", pwd "varchar")
  RETURNS int4 AS
$BODY$

DECLARE
 myrec immense.accounts%ROWTYPE;
 count INTEGER := 0;
/**************************************/

BEGIN

 FOR myrec IN
  SELECT * FROM immense.accounts WHERE account_login=$1 and account_pwd=$2 LOOP
   count := count + 1;
 END LOOP;
 RETURN count;

END;

$BODY$
  LANGUAGE 'plpgsql' VOLATILE;
ALTER FUNCTION immense.sp_a_001(username "varchar", pwd "varchar") OWNER TO immensesk;
GRANT EXECUTE ON FUNCTION immense.sp_a_001(username "varchar", pwd "varchar") TO immensesk;

However, postgreSQL add automatically the following line to each procedure and i do not know why ?
GRANT EXECUTE ON FUNCTION immense.sp_a_001(username "varchar", pwd "varchar") TO public;

normally, in such case (i mean without granted execution right to public on this procedure), only immensesk user should be able to run it... so why such thing ?
it is not secured...

or is there something i missed ?

--
Alain
------------------------------------
Windows XP SP2
PostgreSQL 8.1.4
Apache 2.0.58
PHP 5

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux