Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)
Дата
Msg-id 23665.1339535215@sss.pgh.pa.us
обсуждение исходный текст
Ответ на Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)  (Stephen Frost <sfrost@snowman.net>)
Ответы Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)  (Stephen Frost <sfrost@snowman.net>)
Список pgsql-hackers
Дерево обсуждения 
Stephen Frost <sfrost@snowman.net> writes:
> What I believe Kevin is getting at here is this:

> There's no way to say "run this function as user X" except by making it
> SECURITY DEFINER and owned by the user you want the function to run as.

> If we had an independent way to have the function run as a specific
> user, where that user DIDN'T own the function, I think Kevin's use case
> would be satisfied.

Interesting thought.  I'm not exactly sure who should be allowed to
apply the "RUN AS other-user" option to a function, but I can see the
possible value of separating the right to modify the function's
definition from the user the function runs as.  Kevin, does this seem
like it would address your concern?
        regards, tom lane

В списке pgsql-hackers по дате отправления:

Предыдущее
От: Stephen Frost
Дата:
Сообщение: Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)
Следующее
От: "Kevin Grittner"
Дата:
Сообщение: Re: Restrict ALTER FUNCTION CALLED ON NULL INPUT (was Re: Not quite a security hole: CREATE LANGUAGE for non-superusers)