Participants
Rajarshi Mukherjee
Rajarshi Mukherjee
Bruno Wolff III
Bruno Wolff III
Richard Huxton
Richard Huxton
John DeSoi
John DeSoi
Attachments
Show all attachments
Thread Outline
#1Rajarshi MukherjeeRajarshi Mukherjee
Mar 22, 2005
#2Rajarshi MukherjeeRajarshi Mukherjeeto Rajarshi Mukherjee (#1)
Mar 22, 2005
#5John DeSoiJohn DeSoito Rajarshi Mukherjee (#2)
Mar 22, 2005
#6Bruno Wolff IIIBruno Wolff IIIto Rajarshi Mukherjee (#2)
Mar 22, 2005
#3Bruno Wolff IIIBruno Wolff IIIto Rajarshi Mukherjee (#1)
Mar 22, 2005
#4Richard HuxtonRichard Huxtonto Rajarshi Mukherjee (#1)
Mar 22, 2005

grant problem

Started by Rajarshi Mukherjeeabout 21 years ago6 messagesgeneral
Jump to latest
#1Rajarshi Mukherjee
Rajarshi Mukherjee
mukherjee.rajarshi@gmail.com

Hello all,

i have a function that updates a table. I gave execute grant on it to
a particular user but no grant on the table in question.

when logging in as that user and executing the function, i get an error
ERROR: permission denied for relation <table_name>

How can i ensure that any update on this table is only done through
that function, and that the function is oublicly executable?

Please provide suggestions.

Thanks & Regards,
Raj.

Import Notes
Reply to msg id not found: 6958419560074077475@unknownmsgidReference msg id not found: 6958419560074077475@unknownmsgid
#2Rajarshi Mukherjee
Rajarshi Mukherjee
mukherjee.rajarshi@gmail.com
In reply to: Rajarshi Mukherjee (#1)
Re: grant problem

PLEASE GIVE ME AN EXAMPLE..

Show quoted text

On Tue, 22 Mar 2005 06:24:58 -0600, Bruno Wolff III <bruno@wolff.to> wrote:

On Tue, Mar 22, 2005 at 17:27:25 +0530,
Rajarshi Mukherjee <mukherjee.rajarshi@gmail.com> wrote:

Hello all,

i have a function that updates a table. I gave execute grant on it to
a particular user but no grant on the table in question.

when logging in as that user and executing the function, i get an error
ERROR: permission denied for relation <table_name>

How can i ensure that any update on this table is only done through
that function, and that the function is oublicly executable?

You need to create the function with the security definer property.

Please provide suggestions.

Thanks & Regards,
Raj.

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly

Import Notes
Reply to msg id not found: 20050322122458.GA30084@wolff.toReference msg id not found: 6958419560074077475@unknownmsgid
#3Bruno Wolff III
Bruno Wolff III
bruno@wolff.to
In reply to: Rajarshi Mukherjee (#1)
Re: grant problem

On Tue, Mar 22, 2005 at 17:27:25 +0530,
Rajarshi Mukherjee <mukherjee.rajarshi@gmail.com> wrote:

Hello all,

i have a function that updates a table. I gave execute grant on it to
a particular user but no grant on the table in question.

when logging in as that user and executing the function, i get an error
ERROR: permission denied for relation <table_name>

How can i ensure that any update on this table is only done through
that function, and that the function is oublicly executable?

You need to create the function with the security definer property.

Show quoted text

Please provide suggestions.

Thanks & Regards,
Raj.

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly

#4Richard Huxton
Richard Huxton
dev@archonet.com
In reply to: Rajarshi Mukherjee (#1)
Re: grant problem

Rajarshi Mukherjee wrote:

Hello all,

i have a function that updates a table. I gave execute grant on it to
a particular user but no grant on the table in question.

when logging in as that user and executing the function, i get an error
ERROR: permission denied for relation <table_name>

How can i ensure that any update on this table is only done through
that function, and that the function is oublicly executable?

Check the manuals for "CREATE FUNCTION" - particularly the section on
SECURITY INVOKER vs SECURITY DEFINER

--
Richard Huxton
Archonet Ltd

#5John DeSoi
John DeSoi
desoi@pgedit.com
In reply to: Rajarshi Mukherjee (#2)
Re: grant problem

On Mar 22, 2005, at 7:17 AM, Rajarshi Mukherjee wrote:

PLEASE GIVE ME AN EXAMPLE..

Just add the "SECURITY DEFINER" keyword to the function definition.

http://www.postgresql.org/docs/8.0/interactive/sql-createfunction.html

John DeSoi, Ph.D.
http://pgedit.com/
Power Tools for PostgreSQL

#6Bruno Wolff III
Bruno Wolff III
bruno@wolff.to
In reply to: Rajarshi Mukherjee (#2)
Re: grant problem

On Tue, Mar 22, 2005 at 17:47:48 +0530,
Rajarshi Mukherjee <mukherjee.rajarshi@gmail.com> wrote:

PLEASE GIVE ME AN EXAMPLE..

Please read the documentation of the CREATE FUNCTION command.

Show quoted text

On Tue, 22 Mar 2005 06:24:58 -0600, Bruno Wolff III <bruno@wolff.to> wrote:

On Tue, Mar 22, 2005 at 17:27:25 +0530,
Rajarshi Mukherjee <mukherjee.rajarshi@gmail.com> wrote:

Hello all,

i have a function that updates a table. I gave execute grant on it to
a particular user but no grant on the table in question.

when logging in as that user and executing the function, i get an error
ERROR: permission denied for relation <table_name>

How can i ensure that any update on this table is only done through
that function, and that the function is oublicly executable?

You need to create the function with the security definer property.

Please provide suggestions.

Thanks & Regards,
Raj.

---------------------------(end of broadcast)---------------------------
TIP 3: if posting/reading through Usenet, please send an appropriate
subscribe-nomail command to majordomo@postgresql.org so that your
message can get through to the mailing list cleanly

← Back to Topics