> If you want to confirm what the documentation says create a custom operator/function that alex is not permitted to execute and have them query a view defined by postgres that uses that function. Thanks for the suggestion, it helped and I found out alex could not execute the view as it didn't have privileges for the function associated with operator
But a small doubt arises here I have to revoke the execution of the function using the command REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public from public; but when I tried REVOKE EXECUTE ON FUNCTION text_equals(text,text) FROM alex; or REVOKE ALL ON FUNCTION text_equals(text,text) FROM alex; It didn't work i.e alex can still execute text_equals function. Why is it so? Thanks Ayush Vatsa SDE AWS On Sun, 7 Apr 2024 at 22:31, David G. Johnston <david.g.johns...@gmail.com> wrote: > On Sun, Apr 7, 2024 at 9:32 AM Ayush Vatsa <ayushvatsa1...@gmail.com> > wrote: > >> but who will execute the >> > underlying function inside the ( > ) operator ? Is it postgres or alex? >> >>> > I'm reasonably confident that all the built-in functions are security > invoker. Not that a pure function like greater-than really cares. > > David J. > >
