GRANT ON C

Started by Martín Marqués over 22 years ago | 5 messages | general
#1 Martín Marqués
martin@bugs.unl.edu.ar

I'm trying to load the pgcrypto.sql file from the contrib in a database and
I've hit a problem which I never had in the past (maybe never did it this
way): when I try to load this file (psql -f) with a specific user, which is
not the postgres super-user, I get a permission denied, and couldn't find how
to change that permission problem.
Is the postgres super-user the only one that can create functions with LANGUAGE
C?

--
select 'mmarques' || '@' || 'unl.edu.ar' AS email;
-----------------------------------------------------------------
Martín Marqués | mmarques@unl.edu.ar
Programador, Administrador, DBA | Centro de Telemática
Universidad Nacional
del Litoral
-----------------------------------------------------------------

#2 Doug McNaught
doug@mcnaught.org
In reply to: Martín Marqués (#1)
Re: GRANT ON C

Martin Marques <martin@bugs.unl.edu.ar> writes:

> Is the postgres super-user the only one that can create functions
> with LANGUAGE C?

Yes, because a C function can basically do anything it wants to with
the privileges of the 'postgres' user.

So you have to create the function as superuser, but you only have to
do that once for each database...

-Doug

#3 Martín Marqués
martin@bugs.unl.edu.ar
In reply to: Doug McNaught (#2)
Re: GRANT ON C

On Sun 07 Dec 2003 17:10, Doug McNaught wrote:

> Martin Marques <martin@bugs.unl.edu.ar> writes:
>
> > Is the postgres super-user the only one that can create functions
> > with LANGUAGE C?
>
> Yes, because a C function can basically do anything it wants to with
> the privileges of the 'postgres' user.
>
> So you have to create the function as superuser, but you only have to
> do that once for each database...

OK.
It's how I thought it was, but need confirmation. ;-)

#4 Oliver Elphick
olly@lfix.co.uk
In reply to: Martín Marqués (#1)
Re: GRANT ON C

On Sun, 2003-12-07 at 20:00, Martin Marques wrote:

> I'm trying to load the pgcrypto.sql file from the contrib in a database and
> I've hit a problem which I never had in the past (maybe never did it this
> way): when I try to load this file (psql -f) with a specific user, which is
> not the postgres super-user, I get a permission denied, and couldn't find how
> to change that permission problem.
> Is the postgres super-user the only one that can create functions with LANGUAGE
> C?

Yes. Just think of all the things you can do in C with the backend's
permissions.

--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight, UK http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"And if thy hand offend thee, cut it off; it is better
for thee to enter into life maimed, than having two
hands to go into hell, into the fire that never shall
be quenched." Mark 9:43

#5 Tom Lane
tgl@sss.pgh.pa.us
In reply to: Martín Marqués (#1)
Re: GRANT ON C

Martin Marques <martin@bugs.unl.edu.ar> writes:

> Is the postgres super-user the only one that can create functions with
> LANGUAGE C?

Yes. Since there's no way to constrain what a C function does, it would
be silly to imagine that a non-superuser wouldn't own the database if he
could create C functions.

regards, tom lane
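
The restriction discussed in this thread can be checked from the system catalogs. The queries below are an added example, not part of the original messages: they list the untrusted languages, every user-visible function written in one (with its shared library and owner), and which non-superuser roles may execute those functions once a superuser has created them. They assume a PostgreSQL release that provides the pg_roles view, which is newer than the version this thread was written against.

```sql
-- Added example (not from the thread). Run as a superuser or any role
-- that can read the system catalogs.

-- 1. Languages and whether they are trusted. 'c' shows lanpltrusted = false,
--    which is why only a superuser may CREATE FUNCTION ... LANGUAGE C.
SELECT lanname, lanpltrusted
FROM pg_language
ORDER BY lanname;

-- 2. Functions implemented in an untrusted language outside the system
--    schemas, with the shared library they load and who owns them.
SELECT n.nspname              AS schema_name,
       p.oid::regprocedure    AS function_signature,
       l.lanname              AS language_name,
       p.probin               AS library,
       r.rolname              AS owner_name,
       r.rolsuper             AS owner_is_superuser,
       p.prosecdef            AS security_definer
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
JOIN pg_roles     r ON r.oid = p.proowner
WHERE NOT l.lanpltrusted
  AND l.lanname <> 'internal'
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
ORDER BY n.nspname, p.proname;

-- 3. Non-superuser roles that can call those C functions. Creating the
--    function needs a superuser; calling it only needs EXECUTE.
SELECT p.oid::regprocedure AS function_signature,
       g.rolname           AS can_execute
FROM pg_proc p
JOIN pg_language  l ON l.oid = p.prolang
JOIN pg_namespace n ON n.oid = p.pronamespace
CROSS JOIN pg_roles g
WHERE l.lanname = 'c'
  AND n.nspname NOT IN ('pg_catalog', 'information_schema')
  AND NOT g.rolsuper
  AND has_function_privilege(g.oid, p.oid, 'EXECUTE')
ORDER BY 1, 2;
```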