Why security-definer functions are executable by public by default?

Поиск

Список

Период

Сортировка

От	hubert depesz lubaczewski
Тема	Why security-definer functions are executable by public by default?
Дата	5 апреля 2011 г. 06:41:35
Msg-id	20110405064119.GA9973@depesz.com обсуждение исходный текст
Ответы	Re: Why security-definer functions are executable by public by default? Re: Why security-definer functions are executable by public by default? Re: Why security-definer functions are executable by public by default? Re: Why security-definer functions are executable by public by default?
Список	pgsql-general

Дерево обсуждения

hi

was pointed to the fact that security definer functions have the same
default privileges as normal functions in the same language - i.e. if
the language is trusted - public has the right to execute them.

maybe i'm missing something important, but given the fact that security
definer functions are used to get access to things that you usually
don't have access to - shouldn't the privilege be revoked by default,
and grants left for dba to decide?

depesz

--
The best thing about modern society is how easy it is to avoid contact with it.
                                                             http://depesz.com/

В списке pgsql-general по дате отправления:

Предыдущее

От: Craig Ringer
Дата: 05 апреля 2011 г., 03:59:50
Сообщение: Re: postgres segfaulting on pg_restore

Следующее

От: Sim Zacks
Дата: 05 апреля 2011 г., 07:46:45
Сообщение: Re: Why security-definer functions are executable by public by default?

Вход в личный кабинет

Восстановление пароля

Подтверждение аккаунта

Изменение пароля

Why security-definer functions are executable by public by default?

Предыдущее

Следующее