Re: access to execute function without access to it content - Mailing list pgadmin-support

From Pavel Stehule
Subject Re: access to execute function without access to it content
Date
Msg-id 162867790907142122m6a4b4a40i2563da28a0b8c88@mail.gmail.com
Whole thread Raw
In response to access to execute function without access to it content  (Aleksandr Peshcherskikh <aleksandr.peshcherskikh@gmail.com>)
List pgadmin-support
Hello

PostgreSQL doesn't run procedures with owner rights, but with caller
rights. If you would to change this behave, then you have to set
SECURITY DEFINER flag for procedure.

regards
Pavel Stehule

2009/7/14 Aleksandr Peshcherskikh <aleksandr.peshcherskikh@gmail.com>:
> Hello support team!
> I wanna do next trick. Create user and deny access on tables to him but
> allow to execute stored procedures which are referenced to the denied data.
> It's very ordinary use case. But I don't know how to do it in postgresql (if
> it is possible of course)
> I tried the next way.
> 1. create database test (for owner postgres)
> 2. create table test (for owner postgres)
> 3. create function trytest with simple body "perform * from test;" (for
> owner postgres)
> 4. create user test;
> 5. grant execute trytest to test
> 6. revoke select on test from test
> Now if I try to execute "trytest" from user "test"  it returns me error
> "access denied to table test"
> What's wrong do I do?
> Is there any way to do what i whant?
> Regards, Aleksandr.


pgadmin-support by date:

Previous
From: "Dileep A.V"
Date:
Subject: Re: Need help urgent!!!
Next
From: Guillaume Lelarge
Date:
Subject: Re: pgadmin very slow