Function Permissions
Hi,
I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission.
In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs access/insert/delete/update has no permissions to normal user. Only calling my FUNCTION the normal user can do that, and never updating or deleting directly over the tables.
Any idea ?
---------------------------------
Marco Túlio Oliveira
IT-Manager
www.telecontrol.com.br
On Sat, Oct 25, 2003 at 15:11:06 -0200,
Telecontrol Networking <pglist@telecontrol.com.br> wrote:
Hi,
I really need that a FUNCTION runs allways with this creator/owner permissions, and not with the user permission.
In other words, my FUNCTION must execute several procedures as POSTGRES superuser, and the tables its needs access/insert/delete/update has no permissions to normal user. Only calling my FUNCTION the normal user can do that, and never updating or deleting directly over the tables.
Any idea ?
You can use security definer clause when creating the function.
CREATE FUNCTION ... SECURITY DEFINER;
Read the 7.3 docs.
Chris
Telecontrol Networking wrote:
Show quoted text
Hi,
I really need that a FUNCTION runs allways with this creator/owner
permissions, and not with the user permission.In other words, my FUNCTION must execute several procedures as POSTGRES
superuser, and the tables its needs access/insert/delete/update has no
permissions to normal user. Only calling my FUNCTION the normal user can
do that, and never updating or deleting directly over the tables.Any idea ?
---------------------------------
Marco T�lio Oliveira
IT-Manager
www.telecontrol.com.br <http://www.telecontrol.com.br>