Re: pgsql: Use GRANT system to manage access to sensitive functions

Поиск
Список
Период
Сортировка
От Michael Paquier
Тема Re: pgsql: Use GRANT system to manage access to sensitive functions
Дата
Msg-id CAB7nPqTN1aPjV_yGE=rtBoSNEszeh9__vOwdV7RLtFb0BPZWWA@mail.gmail.com
обсуждение исходный текст
Ответ на pgsql: Use GRANT system to manage access to sensitive functions  (Stephen Frost <sfrost@snowman.net>)
Список pgsql-committers
On Thu, Apr 7, 2016 at 10:45 AM, Stephen Frost <sfrost@snowman.net> wrote:
> Use GRANT system to manage access to sensitive functions
>
> Now that pg_dump will properly dump out any ACL changes made to
> functions which exist in pg_catalog, switch to using the GRANT system
> to manage access to those functions.
>
> This means removing 'if (!superuser()) ereport()' checks from the
> functions themselves and then REVOKEing EXECUTE right from 'public' for
> these functions in system_views.sql.

+1.
--
Michael


В списке pgsql-committers по дате отправления:

Предыдущее
От: Stephen Frost
Дата:
Сообщение: pgsql: In pg_dump, split "dump" into "dump" and "dump_contains"
Следующее
От: Tom Lane
Дата:
Сообщение: Re: pgsql: Use GRANT system to manage access to sensitive functions