Rafal Pietrak <[EMAIL PROTECTED]> writes:
> Looks like this thread have died away.
No, it moved to the appropriate mailing list:
http://archives.postgresql.org/pgsql-hackers/2006-12/msg00564.php
regards, tom lane
---(end of broadcast)--
Looks like this thread have died away.
But since this permission check looks like a security issue to me too,
I'd really apreciate someones explanation on why it is not ... if it is
not.
But if it is a security leak I'd like to pass it over as bug report - so
it does not disapear from sight.
-R
>>> "REVOKE ALL ON FUNCTION piti() FROM PUBLIC"
>>>
>>> Doe not seam to have any effect on functions installed as a trigger.
>>
>> Does your "common user" have the permission to create users?
>
> No (although the one I've initially tested this scenario on, was in a
> group that did have that per
On Wed, 2006-12-13 at 15:43 -0600, Scott Marlowe wrote:
> On Wed, 2006-12-13 at 15:36, Rafal Pietrak wrote:
> >
> >
> > "REVOKE ALL ON FUNCTION piti() FROM PUBLIC"
> >
> > Doe not seam to have any effect on functions installed as a trigger.
>
> Does your "common user" have the permission to cre
On Wed, 2006-12-13 at 15:36, Rafal Pietrak wrote:
> On Wed, 2006-12-13 at 14:01 -0500, Tom Lane wrote:
> > Rafal Pietrak <[EMAIL PROTECTED]> writes:
> > > I thought trigger functions execute at root/postgres security level?
> >
> > No. You probably want to make that function SECURITY DEFINER so i
On Wed, 2006-12-13 at 14:01 -0500, Tom Lane wrote:
> Rafal Pietrak <[EMAIL PROTECTED]> writes:
> > I thought trigger functions execute at root/postgres security level?
>
> No. You probably want to make that function SECURITY DEFINER so it
> executes as the owner, but this isn't default for trigge
Rafal Pietrak <[EMAIL PROTECTED]> writes:
> I thought trigger functions execute at root/postgres security level?
No. You probably want to make that function SECURITY DEFINER so it
executes as the owner, but this isn't default for triggers.
regards, tom lane
-
