"Craig" <[EMAIL PROTECTED]> writes:
> I am trying to prevent anyone that inhertis from role1 to not be able to =
> select from any database table, unless they execute a function that I =
> have provided. How do I setup the security for this?=20
You need to mark the function as SECURITY DEFINER, which means that it
runs with its creator's permissions. By default a function runs with
the caller's permissions.
(Yeah, SECURITY DEFINER is a pretty obscure name for this. It's what
the SQL spec requires though :-()
regards, tom lane
---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?
http://www.postgresql.org/docs/faq
